cohortflow.com Open in urlscan Pro
3.226.231.47  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set confirmation Show response cohortflow.com/	6 KB 7 KB	477ms 174ms	Document text/html	3.226.231.47 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://cohortflow.com/confirmation Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.226.231.47 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-231-47.compute-1.amazonaws.com Software Cowboy / Resource Hash 62ef662fa591ca19d1c38ab95873183473c85387294d364e2b2a00b26cd337c7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host cohortflow.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server Cowboy Date Wed, 27 Jan 2021 20:38:40 GMT Connection keep-alive X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block X-Content-Type-Options nosniff X-Download-Options noopen X-Permitted-Cross-Domain-Policies none Referrer-Policy strict-origin-when-cross-origin Content-Type text/html; charset=utf-8 Etag W/"62ef662fa591ca19d1c38ab958731834" Cache-Control max-age=0, private, must-revalidate Set-Cookie __cohortpay_stat_session=yokwo9kssamen8gmzpalltpb97nay4; domain=.cohortflow.com; path=/; expires=Mon, 27 Jan 2031 20:38:40 GMT; secure _cohortflow_session=UjQzMUxpVTBORnQ0QU9ZMU9reGozQWlUdFBINzkzT3BxV25Ga0IyZHhrRVVGL1FyRUYzSVRqUE16MG5NOHJkOVdQM3JsWGtFWm5VaEhGT0w0T1BVM2h5dU1ITWRoNWE5S3VKMlM2WVJMbENrYkNhc1lWdnFFOWZGc0diRjEveThVOWFtMkQzR21RYlVvOXl6SklRSnRRPT0tLXR4cVlFQTZZbS9tU0g2Y0VJRXpyblE9PQ%3D%3D--d06ff8b11f26e3ef456994bf6279ec215a0472d1; path=/; secure; HttpOnly X-Request-Id 5d8dbb26-b117-4058-9511-7645d92381ee X-Runtime 0.036485 Strict-Transport-Security max-age=31536000; includeSubDomains Transfer-Encoding chunked Via 1.1 vegur
GET H2	200	active_admin-e5236ef9283b9081d7ee8eabe9bf7182f662a9d69deed6e919c366696a881276.css d3bhp4rs4jekp7.cloudfront.net/assets/	135 KB 25 KB	202ms 85ms	Stylesheet text/css	65.9.67.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3bhp4rs4jekp7.cloudfront.net/assets/active_admin-e5236ef9283b9081d7ee8eabe9bf7182f662a9d69deed6e919c366696a881276.css Requested by Host: cohortflow.com URL: https://cohortflow.com/confirmation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.67.82 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cowboy / Resource Hash e5236ef9283b9081d7ee8eabe9bf7182f662a9d69deed6e919c366696a881276 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 10:13:25 GMT content-encoding gzip last-modified Fri, 11 Sep 2020 05:49:43 GMT server Cowboy age 2629516 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains content-type text/css via 1.1 vegur, 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront) cache-control public, max-age=31536000 x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 content-length 25482 x-amz-cf-id hfDtBmyFdPMaidduzVQJRgQ-FmAHKGg5laF2gaMKys1gFGVSR5qyGA==
GET H2	200	active_admin-02c0a303d58b2dcbca73fb4b24ea324e242f524e9451429f3239fa48558def3f.js Show response d3bhp4rs4jekp7.cloudfront.net/assets/	130 KB 44 KB	239ms 122ms	Script application/javascript	65.9.67.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3bhp4rs4jekp7.cloudfront.net/assets/active_admin-02c0a303d58b2dcbca73fb4b24ea324e242f524e9451429f3239fa48558def3f.js Requested by Host: cohortflow.com URL: https://cohortflow.com/confirmation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.67.82 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cowboy / Resource Hash 02c0a303d58b2dcbca73fb4b24ea324e242f524e9451429f3239fa48558def3f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 18 Jan 2021 11:01:06 GMT content-encoding gzip last-modified Thu, 20 Aug 2020 05:34:02 GMT server Cowboy age 812254 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript via 1.1 vegur, 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront) cache-control public, max-age=31536000 x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 content-length 44839 x-amz-cf-id 20TiPnOv3308Q5gF2W33_-Rqdi9EA3U57fOAhigs5za58d0yV3LYaw==
GET H2	200	logo-07dd0c9802619a7642b6acb9ca2ff9454b1464bb88db0f34fb26fb5dec4f6468.png d3bhp4rs4jekp7.cloudfront.net/assets/	18 KB 18 KB	76ms 76ms	Image image/png	65.9.67.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3bhp4rs4jekp7.cloudfront.net/assets/logo-07dd0c9802619a7642b6acb9ca2ff9454b1464bb88db0f34fb26fb5dec4f6468.png Requested by Host: cohortflow.com URL: https://cohortflow.com/confirmation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.67.82 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cowboy / Resource Hash 07dd0c9802619a7642b6acb9ca2ff9454b1464bb88db0f34fb26fb5dec4f6468 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 18 Jan 2021 11:00:35 GMT via 1.1 vegur, 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront) last-modified Thu, 20 Aug 2020 05:28:31 GMT server Cowboy age 812286 strict-transport-security max-age=31536000; includeSubDomains x-cache Hit from cloudfront content-type image/png cache-control public, max-age=31536000 x-amz-cf-pop FRA56-C1 content-length 18002 x-amz-cf-id GyHNAQX-Og5Ev85TwPtL1FddZr2v-UYqVq0uuzZuHTPfIllja5N74A==
GET H/1.1	200 OK	stat.js Show response stat.cohortpay.com/	6 KB 6 KB	549ms 114ms	Script application/javascript	54.235.153.201 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://stat.cohortpay.com/stat.js Requested by Host: cohortflow.com URL: https://cohortflow.com/confirmation Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.235.153.201 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-153-201.compute-1.amazonaws.com Software Cowboy / Resource Hash e19f9de8a5fa94047208b7cf368edc101cf0a4d1988d6f9a6af75449696d3604 Request headers Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 27 Jan 2021 20:38:41 GMT Via 1.1 vegur Last-Modified Thu, 25 Apr 2019 22:15:24 GMT Server Cowboy Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 5649
GET H2	200	gtm.js Show response www.googletagmanager.com/	124 KB 36 KB	47ms 46ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-K3WS4TB Requested by Host: cohortflow.com URL: https://cohortflow.com/confirmation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 98dd04a9fa9a21268c52ef80154d575f64e9ff8fee7aa2e6f6930023b2ffb5cb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 20:38:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36425 x-xss-protection 0 last-modified Wed, 27 Jan 2021 18:29:35 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 27 Jan 2021 20:38:41 GMT
GET H2	200	bold-3c231ff38be8cd1024415218d266ed15a06355ad7f0cea3a1b34b371f7e079b4.woff2 d3bhp4rs4jekp7.cloudfront.net/assets/bold/	30 KB 30 KB	201ms 76ms	Font application/font-woff2	65.9.67.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3bhp4rs4jekp7.cloudfront.net/assets/bold/bold-3c231ff38be8cd1024415218d266ed15a06355ad7f0cea3a1b34b371f7e079b4.woff2 Requested by Host: d3bhp4rs4jekp7.cloudfront.net URL: https://d3bhp4rs4jekp7.cloudfront.net/assets/active_admin-e5236ef9283b9081d7ee8eabe9bf7182f662a9d69deed6e919c366696a881276.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.67.82 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cowboy / Resource Hash 3c231ff38be8cd1024415218d266ed15a06355ad7f0cea3a1b34b371f7e079b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Origin https://cohortflow.com Referer https://d3bhp4rs4jekp7.cloudfront.net/assets/active_admin-e5236ef9283b9081d7ee8eabe9bf7182f662a9d69deed6e919c366696a881276.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 26 Jan 2021 12:47:43 GMT via 1.1 vegur, 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront) last-modified Thu, 20 Aug 2020 05:28:31 GMT server Cowboy age 114657 strict-transport-security max-age=31536000; includeSubDomains x-cache Hit from cloudfront content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 x-amz-cf-pop FRA56-C1 content-length 30228 x-amz-cf-id bxumW8llt9YkouM4e9ezQv9NvE0rLtO0NGh1XiLJZhpYPGQ4r3e1Dw==
GET H2	200	regular-03ed9a483c6b95d23d715c8133e6ce5edba2615cf4869e21b5f977e171c43c0a.woff2 d3bhp4rs4jekp7.cloudfront.net/assets/regular/	30 KB 30 KB	201ms 76ms	Font application/font-woff2	65.9.67.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3bhp4rs4jekp7.cloudfront.net/assets/regular/regular-03ed9a483c6b95d23d715c8133e6ce5edba2615cf4869e21b5f977e171c43c0a.woff2 Requested by Host: d3bhp4rs4jekp7.cloudfront.net URL: https://d3bhp4rs4jekp7.cloudfront.net/assets/active_admin-e5236ef9283b9081d7ee8eabe9bf7182f662a9d69deed6e919c366696a881276.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.67.82 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cowboy / Resource Hash 03ed9a483c6b95d23d715c8133e6ce5edba2615cf4869e21b5f977e171c43c0a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Origin https://cohortflow.com Referer https://d3bhp4rs4jekp7.cloudfront.net/assets/active_admin-e5236ef9283b9081d7ee8eabe9bf7182f662a9d69deed6e919c366696a881276.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 10:13:25 GMT via 1.1 vegur, 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront) last-modified Thu, 20 Aug 2020 05:28:31 GMT server Cowboy age 2629515 strict-transport-security max-age=31536000; includeSubDomains x-cache Hit from cloudfront content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 x-amz-cf-pop FRA56-C1 content-length 30308 x-amz-cf-id CrL8Xa_JLhohVY5oT0xUT_zLQOEmar1ExQuio6i4tzWqg5P1A_yYfA==
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:824::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3WS4TB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 5077 date Wed, 27 Jan 2021 19:14:04 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Wed, 27 Jan 2021 21:14:04 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	1 B 386 B	68ms 13ms	XHR text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=523749740&t=pageview&_s=1&dl=https%3A%2F%2Fcohortflow.com%2Fconfirmation&ul=en-us&de=UTF-8&dt=Cohortflow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=169328568&gjid=1380876174&cid=1836219573.1611779921&tid=UA-36259555-7&_gid=1147909099.1611779921&_r=1&gtm=2wg1k0K3WS4TB&z=230917982 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 27 Jan 2021 20:38:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cohortflow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	stat Show response stat.cohortpay.com/	2 B 164 B	471ms 470ms	Script text/javascript	54.235.153.201 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://stat.cohortpay.com/stat?s=yokwo9kssamen8gmzpalltpb97nay4&r=&_=1611779921761&d= Requested by Host: stat.cohortpay.com URL: https://stat.cohortpay.com/stat.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.235.153.201 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-153-201.compute-1.amazonaws.com Software Cowboy / Resource Hash 9a271f2a916b0b6ee6cecb2426f0b3206ef074578be55d9bc94f6f3fe3ab86aa Request headers Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 27 Jan 2021 20:38:42 GMT Via 1.1 vegur Server Cowboy Connection keep-alive Content-Length 2 Content-Type text/javascript
GET H2	200	inspectlet.js Show response cdn.inspectlet.com/	208 KB 69 KB	46ms 26ms	Script text/javascript	2606:4700:10::6816:39f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.inspectlet.com/inspectlet.js Requested by Host: cohortflow.com URL: https://cohortflow.com/confirmation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38e7e40f686e91d031023a33128bc8688555e601828a1366fb30e14c434c24f6 Request headers Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cf-ray 618547621e484a80-FRA date Wed, 27 Jan 2021 20:38:42 GMT via 1.1 vegur cf-cache-status HIT server cloudflare age 10 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control s-maxage=60, max-age=14400 content-encoding gzip cf-request-id 07e72af15000004a806d916000000001
POST H/1.1	200 OK	1394195428 Show response hn.inspectlet.com/ginit/	193 B 617 B	462ms 190ms	XHR application/json	3.213.190.117 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://hn.inspectlet.com/ginit/1394195428 Requested by Host: cdn.inspectlet.com URL: https://cdn.inspectlet.com/inspectlet.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.213.190.117 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-213-190-117.compute-1.amazonaws.com Software Cowboy / Express Resource Hash 60654b131e524e032fee72b377078597f3f368ee87479ca18a838f7b164deb84 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 27 Jan 2021 20:38:42 GMT Via 1.1 vegur Server Cowboy X-Powered-By Express Access-Control-Allow-Methods GET, POST Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://cohortflow.com Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 193
POST H/1.1	200 OK	getfid Show response hn.inspectlet.com/	18 B 380 B	404ms 139ms	XHR application/json	3.213.190.117 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://hn.inspectlet.com/getfid Requested by Host: cdn.inspectlet.com URL: https://cdn.inspectlet.com/inspectlet.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.213.190.117 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-213-190-117.compute-1.amazonaws.com Software Cowboy / Express Resource Hash 5389b398367f0773434e340b255bd46ed2ab7feb084d8f2466a60551b604580d Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 27 Jan 2021 20:38:43 GMT Via 1.1 vegur Server Cowboy X-Powered-By Express Access-Control-Allow-Methods GET, POST Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 18
GET H/1.1	200 OK	pdata hn.inspectlet.com/	35 B 215 B	114ms 114ms	Image image/gif	3.213.190.117 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://hn.inspectlet.com/pdata?d=mr,775,undefined,undefined,undefined,undefined)s,775,0,0)&w=1394195428&r=1777266847&sid=1399919440&pad=1&dn=dn&fadd=true&oid=65373283&lpt=0&rrtn=1611779923087 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.213.190.117 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-213-190-117.compute-1.amazonaws.com Software Cowboy / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 27 Jan 2021 20:38:43 GMT Via 1.1 vegur Server Cowboy Cache-Control no-cache X-Powered-By Express Content-Length 35 Connection keep-alive
GET H/1.1	200 OK	fa hn.inspectlet.com/	35 B 215 B	120ms 115ms	Image image/gif	3.213.190.117 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://hn.inspectlet.com/fa?w=1394195428&r=1777266847&farc=1&isfpayload=eyJmb3JtaWQiOjE1NjE2MDUxNTksIm10Ijoic2VlbiIsInYiOjF9&isfnum=1&isftotal=1&rrtn=1611779923195 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.213.190.117 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-213-190-117.compute-1.amazonaws.com Software Cowboy / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 27 Jan 2021 20:38:43 GMT Via 1.1 vegur Server Cowboy Cache-Control no-cache X-Powered-By Express Content-Length 35 Connection keep-alive
GET H/1.1	200 OK	fa hn.inspectlet.com/	35 B 215 B	242ms 121ms	Image image/gif	3.213.190.117 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://hn.inspectlet.com/fa?w=1394195428&r=1777266847&farc=2&isfpayload=W3siZm9ybWlkIjoxNTYxNjA1MTU5LCJtdCI6InNlZW4iLCJpaWQiOiJbXCJpZFwiLFwidXNlcl9lbWFpbFwiXSIsImlwb3MiOjE2LCJ2IjoiMCJ9XQ==&isfnum=1&isftotal=1&rrtn=1611779923196 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.213.190.117 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-213-190-117.compute-1.amazonaws.com Software Cowboy / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer https://cohortflow.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 27 Jan 2021 20:38:43 GMT Via 1.1 vegur Server Cowboy Cache-Control no-cache X-Powered-By Express Content-Length 35 Connection keep-alive

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| errorContent function| handleJavacriptLoadError function| clearFormErrors function| applyFormErrors function| addObjectToSelect function| showRemoteAddForm function| $ function| jQuery object| jQuery1124043423984163641083 function| _ object| dataLayer object| cohortpay_stats object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| cohortpay_stats_session_id object| __insp number| __inspld undefined| root object| Base64i function| $i function| __insp_ object| __inspcr object| __inspm object| __inspq function| setZeroTimeout object| __inspels object| jQuery1124031997317847114526 string| property

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cohortflow.com/	1970-01-19 15:42:59	Name: _gat_UA-36259555-7 Value: 1
			.cohortflow.com/	1970-01-19 15:44:26	Name: _gid Value: GA1.2.1147909099.1611779921
			.cohortflow.com/	1970-01-20 09:14:11	Name: _ga Value: GA1.2.1836219573.1611779921
			cohortflow.com/	1970-01-23 07:19:03	Name: __cohortpay_stat_m Value:
			cohortflow.com/	1969-12-31 23:59:59	Name: _cohortflow_session Value: UjQzMUxpVTBORnQ0QU9ZMU9reGozQWlUdFBINzkzT3BxV25Ga0IyZHhrRVVGL1FyRUYzSVRqUE16MG5NOHJkOVdQM3JsWGtFWm5VaEhGT0w0T1BVM2h5dU1ITWRoNWE5S3VKMlM2WVJMbENrYkNhc1lWdnFFOWZGc0diRjEveThVOWFtMkQzR21RYlVvOXl6SklRSnRRPT0tLXR4cVlFQTZZbS9tU0g2Y0VJRXpyblE9PQ%3D%3D--d06ff8b11f26e3ef456994bf6279ec215a0472d1
			.cohortflow.com/	1970-01-23 07:21:52	Name: __cohortpay_stat_session Value: yokwo9kssamen8gmzpalltpb97nay4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.inspectlet.com
cohortflow.com
d3bhp4rs4jekp7.cloudfront.net
hn.inspectlet.com
stat.cohortpay.com
www.google-analytics.com
www.googletagmanager.com
2606:4700:10::6816:39f5
2a00:1450:4001:80e::2008
2a00:1450:4001:824::200e
2a00:1450:4001:827::200e
3.213.190.117
3.226.231.47
54.235.153.201
65.9.67.82
02c0a303d58b2dcbca73fb4b24ea324e242f524e9451429f3239fa48558def3f
03ed9a483c6b95d23d715c8133e6ce5edba2615cf4869e21b5f977e171c43c0a
07dd0c9802619a7642b6acb9ca2ff9454b1464bb88db0f34fb26fb5dec4f6468
38e7e40f686e91d031023a33128bc8688555e601828a1366fb30e14c434c24f6
3c231ff38be8cd1024415218d266ed15a06355ad7f0cea3a1b34b371f7e079b4
5389b398367f0773434e340b255bd46ed2ab7feb084d8f2466a60551b604580d
60654b131e524e032fee72b377078597f3f368ee87479ca18a838f7b164deb84
62ef662fa591ca19d1c38ab95873183473c85387294d364e2b2a00b26cd337c7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
98dd04a9fa9a21268c52ef80154d575f64e9ff8fee7aa2e6f6930023b2ffb5cb
9a271f2a916b0b6ee6cecb2426f0b3206ef074578be55d9bc94f6f3fe3ab86aa
e19f9de8a5fa94047208b7cf368edc101cf0a4d1988d6f9a6af75449696d3604
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e5236ef9283b9081d7ee8eabe9bf7182f662a9d69deed6e919c366696a881276