onboarding.hotshot.co Open in urlscan Pro
2a05:d014:275:cb01::c8  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response onboarding.hotshot.co/	31 KB 7 KB	163ms 9ms	Document text/html	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash ad8525db37b2a7efd5ab64ec841597fbeb56b94f037ade250d878268587280b2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 16823 cache-control public,max-age=0,must-revalidate cache-status "Netlify Edge"; hit content-encoding br content-length 6942 content-type text/html; charset=UTF-8 date Sun, 19 May 2024 20:42:43 GMT etag "84571aa26a684922fca9314e142ab7f7-ssl-df" server Netlify strict-transport-security max-age=31536000 vary Accept-Encoding x-nf-request-id 01HY99F9W3FR72XSS1J1V03DKY
GET H2	200	css2 fonts.googleapis.com/	11 KB 993 B	39ms 15ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Figtree:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5fdd14331e3f57b5806db46d871b0cd573d773833faf0021fa9332aeecd67ef0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://onboarding.hotshot.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 19 May 2024 20:42:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 19 May 2024 18:58:25 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 19 May 2024 20:42:43 GMT
GET H3	200	roboto-mono fonts.cdnfonts.com/css/	2 KB 742 B	54ms 26ms	Stylesheet text/css	172.67.184.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/css/roboto-mono Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a482660d45590969c223c64c654c9c3cac63f1fee4bdf1b5ca9bd425a6f14ded Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://onboarding.hotshot.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 20:42:43 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7252 cf-polished origSize=2482 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Sun, 19 May 2024 18:41:51 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LjZkh3NwTCUH5vvBfUkySaapqUDpjYOyB6EDtnXpTUPzXi6ETWxwMtfZkI0DaKsJI0W11pZuLEvguXYntXPwXu0h8nwgfi4RwLv5%2Bfg0qIzs2YSSGdJFS02BRHsiOI5PRiiWMdA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 access-control-allow-origin * cache-control max-age=2678400 cf-ray 8866ea45ee9d9a33-FRA
GET H2	200	intro.CdPd4JuZ.css onboarding.hotshot.co/_astro/	76 KB 10 KB	119ms 118ms	Stylesheet text/css	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/_astro/intro.CdPd4JuZ.css Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash b08da4ae187b6db43653553a60236638e2370c50ccadcb6ec3ae1060d89e1040 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://onboarding.hotshot.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99F9WNY0SYAXDDBTR1GBEE date Sun, 19 May 2024 20:42:43 GMT content-encoding br strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "769ea61ac353b69981d5584c17591c3c-ssl-df" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public,max-age=31536000,immutable accept-ranges bytes
GET H2	200	hoisted.2Usf3jdp.js Show response onboarding.hotshot.co/_astro/	300 B 413 B	121ms 121ms	Script application/javascript	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/_astro/hoisted.2Usf3jdp.js Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash c78874cb758ae9a61d3aca821d990e5e311bb6b22d251ab8271ebb62299c4aa6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://onboarding.hotshot.co/ Origin https://onboarding.hotshot.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99F9WNQ09C2AW68FGPM9Z0 date Sun, 19 May 2024 20:42:43 GMT strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "3ff05551137553103a3255a17f27fdf9-ssl" content-type application/javascript; charset=UTF-8 cache-control public,max-age=31536000,immutable accept-ranges bytes content-length 300
GET H2	200	logo.ClwdIwTi.svg onboarding.hotshot.co/_astro/	4 KB 888 B	171ms 170ms	Image image/svg+xml	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://onboarding.hotshot.co/_astro/logo.ClwdIwTi.svg Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash ebd4dae5199201d1e5fad5a3870953e90600692aeec74282756e4e0def1d5de7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://onboarding.hotshot.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99F9WNX7G604PB9Y7Z5HGX date Sun, 19 May 2024 20:42:43 GMT content-encoding br strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "22d2b773a9c16680d430a5635817dad4-ssl-df" vary Accept-Encoding content-type image/svg+xml cache-control public,max-age=31536000,immutable accept-ranges bytes
GET H2	200	array.js Show response us.i.posthog.com/static/	128 KB 45 KB	419ms 211ms	Script text/javascript	34.206.99.183 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://us.i.posthog.com/static/array.js Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.206.99.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-206-99-183.compute-1.amazonaws.com Software envoy / Resource Hash 19ff077874b358d6f011c951d1c0dd5cff3a7aed8a993341ac469cfe59861e2a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://onboarding.hotshot.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 20:42:43 GMT content-encoding gzip x-content-type-options nosniff referrer-policy same-origin last-modified Sun, 19 May 2024 11:40:29 GMT server envoy cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN vary Cookie, Accept-Encoding content-type text/javascript; charset="utf-8" access-control-allow-origin * cache-control max-age=60, public x-envoy-upstream-service-time 25
GET H2	200	gtm.js Show response www.googletagmanager.com/	237 KB 85 KB	89ms 59ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TSB3GH3M Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ca0f15a333165c7afab64ae216b3e3f124bb6e9b47219d229ab559f2b3a6dcb9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://onboarding.hotshot.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 20:42:43 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 86742 x-xss-protection 0 last-modified Sun, 19 May 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 19 May 2024 20:42:43 GMT
GET H2	206	bear.webm onboarding.hotshot.co/videos/	74 KB 74 KB	221ms 220ms	Media video/webm	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/videos/bear.webm Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 1d7c2e30d8cb7fc142ec27bb9e1083beb00e8e498a720e04287cefaadde0fbc7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Referer https://onboarding.hotshot.co/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99F9YHDCX36TXPRV29Y7JD date Sun, 19 May 2024 20:42:43 GMT strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "760b06b7645ee267d9572873cf255828-ssl" content-type video/webm Content-Range bytes 0-75434/75435 cache-control public,max-age=0,must-revalidate accept-ranges bytes Content-Length 75435
GET H2	206	brownie.webm onboarding.hotshot.co/videos/	31 KB 31 KB	169ms 169ms	Media video/webm	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/videos/brownie.webm Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 8f4827428ccbf543bc2239ab4212fdcbd85f70bef0e9c6124d78fa8f0949df31 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Referer https://onboarding.hotshot.co/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99F9YH5PYT6KP6KQNH62ZS date Sun, 19 May 2024 20:42:43 GMT strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "3d85a448046e3963ad744edcdc2b6b8a-ssl" content-type video/webm Content-Range bytes 0-31762/31763 cache-control public,max-age=0,must-revalidate accept-ranges bytes Content-Length 31763
GET H2	206	lamb.webm onboarding.hotshot.co/videos/	53 KB 53 KB	187ms 186ms	Media video/webm	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/videos/lamb.webm Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 2934a6af58da7d7f57d5ff6e8f70fb748c81135549bf4feb8644317fe3e86c38 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Referer https://onboarding.hotshot.co/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99F9YHVB6KR7BXXV94Y36K date Sun, 19 May 2024 20:42:43 GMT strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "653de71759174dcbf4b085d298e69104-ssl" content-type video/webm Content-Range bytes 0-54408/54409 cache-control public,max-age=0,must-revalidate accept-ranges bytes Content-Length 54409
GET H2	206	dragon.webm onboarding.hotshot.co/videos/	16 KB 16 KB	168ms 168ms	Media video/webm	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/videos/dragon.webm Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 476459b8a14f81bf30e3759a67b199564a7e36f33f79812a83ec5a8feaae4a63 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Referer https://onboarding.hotshot.co/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99F9YJQAVP6TJBT9VY4TYH date Sun, 19 May 2024 20:42:43 GMT strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "a4bae9c4a21e8e1bd31538e8b50d4813-ssl" content-type video/webm Content-Range bytes 0-16550/16551 cache-control public,max-age=0,must-revalidate accept-ranges bytes Content-Length 16551
GET H2	206	scenery.webm onboarding.hotshot.co/videos/	33 KB 34 KB	179ms 178ms	Media video/webm	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/videos/scenery.webm Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash eeac773bd695913030a69c0dd12a62cff82cf96bfead605bc081ee7ff8c87d49 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Referer https://onboarding.hotshot.co/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99F9YJYAKGHZNZF0E545T9 date Sun, 19 May 2024 20:42:43 GMT strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "4f094c754a165381612de2c54eea2fd3-ssl" content-type video/webm Content-Range bytes 0-34183/34184 cache-control public,max-age=0,must-revalidate accept-ranges bytes Content-Length 34184
GET H2	206	babyshark.webm onboarding.hotshot.co/videos/	77 KB 77 KB	117ms 116ms	Media video/webm	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/videos/babyshark.webm Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 10dc94322698bebd752006ad4d01347418ac76ed4c73e03d691305ebb38746e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Referer https://onboarding.hotshot.co/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99F9YK91CNS26CRM32FCGE date Sun, 19 May 2024 20:42:43 GMT strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "3c6e2068a259a6b524692df701e408d5-ssl" content-type video/webm Content-Range bytes 0-79137/79138 cache-control public,max-age=0,must-revalidate accept-ranges bytes Content-Length 79138
GET H2	206	completed.webm onboarding.hotshot.co/videos/	87 KB 87 KB	125ms 125ms	Media video/webm	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/videos/completed.webm Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash ea16368b1830cd26147bf8d3ac52375f532a84f12f1da2e546397fc037b9472e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Referer https://onboarding.hotshot.co/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99F9YKPQEGE061BDQ88B63 date Sun, 19 May 2024 20:42:43 GMT strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "a758617cea6e37325d6f8e07985b0ec5-ssl" content-type video/webm Content-Range bytes 0-88784/88785 cache-control public,max-age=0,must-revalidate accept-ranges bytes Content-Length 88785
GET H2	200	_Xms-HUzqDCFdgfMm4S9DQ.woff2 fonts.gstatic.com/s/figtree/v5/	20 KB 20 KB	36ms 10ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/figtree/v5/_Xms-HUzqDCFdgfMm4S9DQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Figtree:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aafc56842faa29d254e8317348063a257c11c5d2369d36d5a437e36c398bbe99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://onboarding.hotshot.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 18 May 2024 23:45:03 GMT x-content-type-options nosniff age 75460 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20080 x-xss-protection 0 last-modified Thu, 20 Jul 2023 20:53:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 18 May 2025 23:45:03 GMT
GET H2	200	hoisted.BMqMAa2A.js Show response onboarding.hotshot.co/_astro/	13 KB 4 KB	128ms 128ms	Script application/javascript	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/_astro/hoisted.BMqMAa2A.js Requested by Host: onboarding.hotshot.co URL: https://onboarding.hotshot.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 198a82527ba39a5f080b8a98edd3a6a79c2bb1e362189b8aa7e0917b24888719 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://onboarding.hotshot.co/_astro/hoisted.2Usf3jdp.js Origin https://onboarding.hotshot.co Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99FA1M2Q1Z7BR0MNJN1HJJ date Sun, 19 May 2024 20:42:43 GMT content-encoding br strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "b86dfe87310a5dcb1fd33c69734da5c6-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=31536000,immutable accept-ranges bytes
GET H2	200	js Show response www.googletagmanager.com/gtag/	302 KB 100 KB	44ms 44ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-TEHJT5SHY5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSB3GH3M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8fb141a65f0cae13973ab199d289740e18b02f2bc52df3a56532f21a889c75d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://onboarding.hotshot.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 20:42:43 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 102384 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 19 May 2024 20:42:43 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 258 B	113ms 17ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-TEHJT5SHY5&gtm=45je45f0v9184339489z89184320482za200&_p=1716151363528&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=895687881.1716151364&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1716151363&sct=1&seg=0&dl=https%3A%2F%2Fonboarding.hotshot.co%2F&dt=Hotshot%20-%20AI%20Video%20Generator%2C%20Text%20to%20Video&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=510 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TEHJT5SHY5&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://onboarding.hotshot.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 19 May 2024 20:42:43 GMT server Golfe2 content-type text/plain access-control-allow-origin https://onboarding.hotshot.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	/ Show response us.i.posthog.com/decide/	501 B 675 B	101ms 101ms	XHR application/json	34.206.99.183 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://us.i.posthog.com/decide/?v=3&ip=1&_=1716151364028&ver=1.131.2&compression=base64 Requested by Host: us.i.posthog.com URL: https://us.i.posthog.com/static/array.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.206.99.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-206-99-183.compute-1.amazonaws.com Software envoy / Resource Hash 3c1c761e98b641cfa1228fda8675bb5f84d800a3d1c6715ebbc6a4896d35dd20 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://onboarding.hotshot.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 19 May 2024 20:42:44 GMT content-encoding gzip x-content-type-options nosniff referrer-policy same-origin server envoy cross-origin-opener-policy same-origin vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://onboarding.hotshot.co access-control-allow-credentials true x-envoy-upstream-service-time 9 access-control-allow-headers X-Requested-With,Content-Type
POST H2	200	/ Show response us.i.posthog.com/e/	13 B 415 B	100ms 99ms	XHR application/json	34.206.99.183 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://us.i.posthog.com/e/?ip=1&_=1716151364042&ver=1.131.2&compression=base64 Requested by Host: us.i.posthog.com URL: https://us.i.posthog.com/static/array.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.206.99.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-206-99-183.compute-1.amazonaws.com Software envoy / Resource Hash 7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://onboarding.hotshot.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 19 May 2024 20:42:44 GMT content-encoding gzip x-content-type-options nosniff referrer-policy same-origin server envoy cross-origin-opener-policy same-origin vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://onboarding.hotshot.co access-control-allow-credentials true x-envoy-upstream-service-time 8 access-control-allow-headers X-Requested-With,Content-Type
GET H2	200	favicon.DIpvo2WN.png onboarding.hotshot.co/_astro/	8 KB 8 KB	115ms 115ms	Other image/png	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/_astro/favicon.DIpvo2WN.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash ce9c6bf30b933d0839d22feefe45713f0fc43cc0bfc91b85d31eb65f54703dbe Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://onboarding.hotshot.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99FAEGTGA74VFZNVHZ1V2K date Sun, 19 May 2024 20:42:44 GMT strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "f203fa0d933dababf662f9f9a2e18950-ssl" content-type image/png cache-control public,max-age=31536000,immutable accept-ranges bytes content-length 8519
GET H2	200	favicon.DIpvo2WN.png onboarding.hotshot.co/_astro/	8 KB 0	0ms 0ms	Other image/png	2a05:d014:275:cb01::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onboarding.hotshot.co/_astro/favicon.DIpvo2WN.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash ce9c6bf30b933d0839d22feefe45713f0fc43cc0bfc91b85d31eb65f54703dbe Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://onboarding.hotshot.co/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nf-request-id 01HY99FAEGTGA74VFZNVHZ1V2K date Sun, 19 May 2024 20:42:44 GMT server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "f203fa0d933dababf662f9f9a2e18950-ssl" content-type image/png cache-control public,max-age=31536000,immutable accept-ranges bytes content-length 8519

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| posthog object| dataLayer boolean| basic_script object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hotshot.co/	1970-01-20 22:52:07	Name: _gcl_au Value: 1.1.501039320.1716151364
			.hotshot.co/	1970-01-21 06:18:31	Name: _ga_TEHJT5SHY5 Value: GS1.1.1716151363.1.0.1716151363.0.0.0
			.hotshot.co/	1970-01-21 06:18:31	Name: _ga Value: GA1.1.895687881.1716151364
			.hotshot.co/	1970-01-21 05:28:07	Name: ph_phc_rZqeLv5uXPcEpRKIXZ5Wart59RqwYcVeHFz5xNXtc9R_posthog Value: %7B%22distinct_id%22%3A%22018f9297-a9bb-7874-ad75-cce219560737%22%2C%22%24sesid%22%3A%5B1716151364040%2C%22018f9297-a9c8-7675-83fe-1d9d1974d37a%22%2C1716151364040%5D%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.cdnfonts.com
fonts.googleapis.com
fonts.gstatic.com
onboarding.hotshot.co
region1.google-analytics.com
us.i.posthog.com
www.googletagmanager.com
172.67.184.158
2001:4860:4802:32::36
2a00:1450:4001:806::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:82f::2003
2a05:d014:275:cb01::c8
34.206.99.183
10dc94322698bebd752006ad4d01347418ac76ed4c73e03d691305ebb38746e3
198a82527ba39a5f080b8a98edd3a6a79c2bb1e362189b8aa7e0917b24888719
19ff077874b358d6f011c951d1c0dd5cff3a7aed8a993341ac469cfe59861e2a
1d7c2e30d8cb7fc142ec27bb9e1083beb00e8e498a720e04287cefaadde0fbc7
2934a6af58da7d7f57d5ff6e8f70fb748c81135549bf4feb8644317fe3e86c38
3c1c761e98b641cfa1228fda8675bb5f84d800a3d1c6715ebbc6a4896d35dd20
476459b8a14f81bf30e3759a67b199564a7e36f33f79812a83ec5a8feaae4a63
5fdd14331e3f57b5806db46d871b0cd573d773833faf0021fa9332aeecd67ef0
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
8f4827428ccbf543bc2239ab4212fdcbd85f70bef0e9c6124d78fa8f0949df31
8fb141a65f0cae13973ab199d289740e18b02f2bc52df3a56532f21a889c75d5
a482660d45590969c223c64c654c9c3cac63f1fee4bdf1b5ca9bd425a6f14ded
aafc56842faa29d254e8317348063a257c11c5d2369d36d5a437e36c398bbe99
ad8525db37b2a7efd5ab64ec841597fbeb56b94f037ade250d878268587280b2
b08da4ae187b6db43653553a60236638e2370c50ccadcb6ec3ae1060d89e1040
c78874cb758ae9a61d3aca821d990e5e311bb6b22d251ab8271ebb62299c4aa6
ca0f15a333165c7afab64ae216b3e3f124bb6e9b47219d229ab559f2b3a6dcb9
ce9c6bf30b933d0839d22feefe45713f0fc43cc0bfc91b85d31eb65f54703dbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea16368b1830cd26147bf8d3ac52375f532a84f12f1da2e546397fc037b9472e
ebd4dae5199201d1e5fad5a3870953e90600692aeec74282756e4e0def1d5de7
eeac773bd695913030a69c0dd12a62cff82cf96bfead605bc081ee7ff8c87d49