fitsport.hostly.app Open in urlscan Pro
137.184.65.98  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response fitsport.hostly.app/	7 KB 4 KB	567ms 136ms	Document text/html	137.184.65.98 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://fitsport.hostly.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 137.184.65.98 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Caddy Cowboy / Resource Hash 6f17c7ddbefb575ba2d6c49da99fa53215cd48d6d2877c4584cf7165c679495c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options ALLOW-FROM http://*.stumbleupon.com X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Sat, 08 Jun 2024 15:53:41 GMT nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717862022&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=3kwNw%2FcWxS6nDIIeYF2aWNdr8hGqJcZF0s4x7BTp%2B5o%3D"}]} reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717862022&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=3kwNw%2FcWxS6nDIIeYF2aWNdr8hGqJcZF0s4x7BTp%2B5o%3D server Caddy Cowboy strict-transport-security max-age=31536000 vary Accept-Encoding, Origin via 1.1 vegur x-content-type-options nosniff x-frame-options ALLOW-FROM http://*.stumbleupon.com x-rack-cors miss; no-origin x-request-id 12629eb8-73e6-4c52-88e4-de742209e572 x-runtime 0.012783 x-xss-protection 1; mode=block
GET H/1.1	200 OK	client.js Show response strongrfastr-chat.herokuapp.com/faye/	38 KB 38 KB	489ms 120ms	Script text/javascript	54.224.34.30 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://strongrfastr-chat.herokuapp.com/faye/client.js Requested by Host: fitsport.hostly.app URL: https://fitsport.hostly.app/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.224.34.30 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-224-34-30.compute-1.amazonaws.com Software Cowboy / Resource Hash 6c1919e0a6e401642b4e7e552536629c3fe3988861b6da78b3d0d578f94caeaf Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sat, 08 Jun 2024 15:53:42 GMT Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Thu, 09 Nov 2023 17:36:18 GMT Etag 615af0f59f1e1ad9c99c90f24dc91ba58a166572 Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717862022&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=386Ybzyz8nDfAULKuMctoGUnbx4TuoTsDy%2FR%2BDT7boo%3D"}]} Content-Type text/javascript; charset=utf-8 Connection keep-alive Content-Length 38413 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717862022&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=386Ybzyz8nDfAULKuMctoGUnbx4TuoTsDy%2FR%2BDT7boo%3D
GET H2	200	2.76ea3282.chunk.css d9v9yzkvftlqc.cloudfront.net/static/css/	6 KB 2 KB	201ms 97ms	Stylesheet text/css	2600:9000:275b:8c00:14:ad57:9100:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d9v9yzkvftlqc.cloudfront.net/static/css/2.76ea3282.chunk.css Requested by Host: fitsport.hostly.app URL: https://fitsport.hostly.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:275b:8c00:14:ad57:9100:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a1b3fd4ae6620e27673514665455a84136bb466289d2b3230b14b4037faab4cd Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 10:44:10 GMT content-encoding gzip via 1.1 a5607d37f6322bee208b762f730550a0.cloudfront.net (CloudFront) last-modified Sat, 13 Apr 2024 00:01:09 GMT server AmazonS3 x-amz-cf-pop FRA60-P7 age 18573 x-amz-server-side-encryption AES256 etag W/"00fac4c8e044c52a360b990ced244c0b" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css; charset=utf-8 x-amz-cf-id vjlfWlKaK9U-9_kJG84sjq_yUimlDJPlu6myx31c7RzHp-VDWJ8SFA==
GET H2	200	main.6e932d97.chunk.css d9v9yzkvftlqc.cloudfront.net/static/css/	598 KB 80 KB	150ms 45ms	Stylesheet text/css	2600:9000:275b:8c00:14:ad57:9100:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d9v9yzkvftlqc.cloudfront.net/static/css/main.6e932d97.chunk.css Requested by Host: fitsport.hostly.app URL: https://fitsport.hostly.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:275b:8c00:14:ad57:9100:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 90ec9120246c1684a6142175adb5c13741655454bd18f7043e42aec8b5717bcf Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 10:40:20 GMT content-encoding gzip via 1.1 a5607d37f6322bee208b762f730550a0.cloudfront.net (CloudFront) last-modified Fri, 07 Jun 2024 10:05:02 GMT server AmazonS3 x-amz-cf-pop FRA60-P7 age 19269 x-amz-server-side-encryption AES256 etag W/"16e1f28a4a94cb224a1582ee69b4c1d1" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css; charset=utf-8 x-amz-cf-id sd-1HwX-LJSO-SS2ih210_QRqQt5vnwmWubMcDN6_VHo0chN4nws_g==
GET H2	200	/ Show response js.stripe.com/v3/	611 KB 168 KB	143ms 38ms	Script text/javascript	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: fitsport.hostly.app URL: https://fitsport.hostly.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash e6065dea915063a7c89f4592e32e0208701b281d55f3077e3bde07bcfd31b02b Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 08 Jun 2024 15:53:42 GMT via 1.1 varnish age 14 x-cache HIT content-length 171962 x-request-id 60c06542-7f72-4db2-ab22-7df5d9478689 x-served-by cache-fra-etou8220158-FRA last-modified Fri, 07 Jun 2024 20:39:24 GMT server Fastly etag "f29bbd0469f158a894e4f9c36caadf11" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 5
GET H2	200	2.e67ea8eb.chunk.js Show response d9v9yzkvftlqc.cloudfront.net/static/js/	1 MB 389 KB	614ms 510ms	Script application/javascript	2600:9000:275b:8c00:14:ad57:9100:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d9v9yzkvftlqc.cloudfront.net/static/js/2.e67ea8eb.chunk.js Requested by Host: fitsport.hostly.app URL: https://fitsport.hostly.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:275b:8c00:14:ad57:9100:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1364c43244ec626c378775630d5dd162eced5d8f72406f2b38898a6867e78272 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Origin https://fitsport.hostly.app Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 15:53:43 GMT content-encoding gzip via 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront) last-modified Fri, 07 Jun 2024 10:05:01 GMT server AmazonS3 x-amz-cf-pop FRA60-P7 etag W/"84e8f1f7d8e750ae423f5b6480ab8255" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET, HEAD content-type application/javascript; charset=utf-8 access-control-allow-origin * x-cache Miss from cloudfront x-amz-cf-id 6zZzfOD1S_T-44SmbdyirnUbVGvxfTYv_0SoOl2DbsFefdqirTqrHw==
GET H2	200	main.71cb0fe8.chunk.js Show response d9v9yzkvftlqc.cloudfront.net/static/js/	2 MB 573 KB	652ms 548ms	Script application/javascript	2600:9000:275b:8c00:14:ad57:9100:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d9v9yzkvftlqc.cloudfront.net/static/js/main.71cb0fe8.chunk.js Requested by Host: fitsport.hostly.app URL: https://fitsport.hostly.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:275b:8c00:14:ad57:9100:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 37084febab395c5ba0c4dac05dbd8e55c5c612cd6c06da6205b12ad96ec93b36 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Origin https://fitsport.hostly.app Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 15:53:43 GMT content-encoding gzip via 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront) last-modified Fri, 07 Jun 2024 10:05:02 GMT server AmazonS3 x-amz-cf-pop FRA60-P7 etag W/"9bee9bcee1cbe46d594177897c3292d4" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET, HEAD content-type application/javascript; charset=utf-8 access-control-allow-origin * x-cache Miss from cloudfront x-amz-cf-id 2CEUzfyYqaMGdNKypO4kGo9xicx64erh5jj47mmlM-WHFCQ8DVG3HA==
GET H2	200	mixpanel-2-latest.min.js Show response cdn.mxpnl.com/libs/	55 KB 19 KB	135ms 39ms	Script text/javascript	2600:1901:0:bc29:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js Requested by Host: fitsport.hostly.app URL: https://fitsport.hostly.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 395e1e13608ef6f630c22329001b619f5434fc1eb6567e8d31f600b0fc3c5cc6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 15:51:59 GMT content-encoding gzip age 103 x-guploader-uploadid ABPtcPq72wVUWJi98ryw-aUO0rhKDQvvM5jUgGwbHEKkbQJrP0Llsv3Jg8jkRG_Zbnm0X16EsMo x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18820 last-modified Fri, 07 Jun 2024 18:57:45 GMT server UploadServer etag "0f8e1f29672ad8af54e7b02671b3de79" vary Accept-Encoding x-goog-generation 1717786665797756 x-goog-hash crc32c=gzfIUg==, md5=D44fKWcq2K9U57AmcbPeeQ== access-control-allow-origin * content-type text/javascript cache-control public,max-age=600 x-goog-stored-content-length 18820 accept-ranges bytes expires Sat, 08 Jun 2024 16:01:59 GMT
OPTIONS H2	200	translation11.json d9v9yzkvftlqc.cloudfront.net/locales/en/ Frame	0 0	421ms 420ms	Preflight	2600:9000:275b:8c00:14:ad57:9100:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d9v9yzkvftlqc.cloudfront.net/locales/en/translation11.json Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:275b:8c00:14:ad57:9100:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://fitsport.hostly.app Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers access-control-allow-headers x-requested-with access-control-allow-methods GET, HEAD access-control-allow-origin * content-length 0 date Sat, 08 Jun 2024 15:53:44 GMT server AmazonS3 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method via 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront) x-amz-cf-id JZ1VyLuwjfxI_kQat4KI4w1EHTmmG8Sqtr2ZGjXguLlj7x0-iL-Atw== x-amz-cf-pop FRA60-P7 x-cache Miss from cloudfront
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	219 KB 59 KB	127ms 40ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: d9v9yzkvftlqc.cloudfront.net URL: https://d9v9yzkvftlqc.cloudfront.net/static/js/main.71cb0fe8.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 08 Jun 2024 15:53:43 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57975 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2796, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug rKPECE/WqZbzL8z01ur3g39udB2ZNOl4WQnNnXWh5+1eW79TyH1GDTkdzq6Lj6PxNcmyEUbu7grXcuRJVgKOyw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	register_timezone Show response fitsport.hostly.app/en/api/v1/	2 B 634 B	133ms 132ms	Fetch application/json	137.184.65.98 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://fitsport.hostly.app/en/api/v1/register_timezone Requested by Host: d9v9yzkvftlqc.cloudfront.net URL: https://d9v9yzkvftlqc.cloudfront.net/static/js/main.71cb0fe8.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 137.184.65.98 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Caddy, Cowboy / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options ALLOW-FROM http://*.stumbleupon.com X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundarypzcy3BuDBl4rVegl Response headers x-rack-cors hit date Sat, 08 Jun 2024 15:53:42 GMT content-encoding gzip via 1.1 vegur strict-transport-security max-age=31536000 nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} x-content-type-options nosniff x-xss-protection 1; mode=block reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717862023&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Z6fa0C05VUBSpwp%2FLFfU8Y3rtcvY8SpISS1hJhUCG7Y%3D x-request-id e1043904-14a1-48e4-bbee-1e7793435db1 x-runtime 0.008798 server Caddy, Cowboy access-control-max-age 7200 access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin * report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717862023&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Z6fa0C05VUBSpwp%2FLFfU8Y3rtcvY8SpISS1hJhUCG7Y%3D"}]} access-control-expose-headers cache-control no-cache, no-store, must-revalidate vary Accept-Encoding, Origin x-frame-options ALLOW-FROM http://*.stumbleupon.com
GET H2	200	user.json Show response fitsport.hostly.app/en/api/v1/	446 B 351 B	148ms 148ms	Fetch application/json	137.184.65.98 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://fitsport.hostly.app/en/api/v1/user.json?cur_date=2024-06-08&last_user_update=null&api_version=230 Requested by Host: d9v9yzkvftlqc.cloudfront.net URL: https://d9v9yzkvftlqc.cloudfront.net/static/js/main.71cb0fe8.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 137.184.65.98 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Caddy, Cowboy / Resource Hash 7027559fd028da76f69604843628def318676a4503f35c9db22395b7d65b9794 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options ALLOW-FROM http://*.stumbleupon.com X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-rack-cors miss; no-origin date Sat, 08 Jun 2024 15:53:42 GMT content-encoding gzip via 1.1 vegur strict-transport-security max-age=31536000 nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} x-content-type-options nosniff x-xss-protection 1; mode=block reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717862023&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Z6fa0C05VUBSpwp%2FLFfU8Y3rtcvY8SpISS1hJhUCG7Y%3D x-request-id 9584bc0e-765e-47b9-8602-e0bb7aa28a6a x-runtime 0.007971 server Caddy, Cowboy vary Accept-Encoding, Origin report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717862023&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Z6fa0C05VUBSpwp%2FLFfU8Y3rtcvY8SpISS1hJhUCG7Y%3D"}]} content-type application/json; charset=utf-8 x-frame-options ALLOW-FROM http://*.stumbleupon.com cache-control no-cache, no-store, must-revalidate
GET H2	200	translation11.json Show response d9v9yzkvftlqc.cloudfront.net/locales/en/	144 KB 41 KB	433ms 433ms	XHR application/json	2600:9000:275b:8c00:14:ad57:9100:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d9v9yzkvftlqc.cloudfront.net/locales/en/translation11.json Requested by Host: d9v9yzkvftlqc.cloudfront.net URL: https://d9v9yzkvftlqc.cloudfront.net/static/js/2.e67ea8eb.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:275b:8c00:14:ad57:9100:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c8303d52fd5d976dcfc83aa18bc5475a0af1fae2ff2968c0d31c286180d2bb94 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 15:53:45 GMT content-encoding gzip via 1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront) last-modified Fri, 07 Jun 2024 09:11:43 GMT server AmazonS3 x-amz-cf-pop FRA60-P7 x-amz-server-side-encryption AES256 etag W/"e2a14848dfcc8f19b31a472f750d1117" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * x-cache RefreshHit from cloudfront x-amz-cf-id 14tqHv6KitGck_LYeTfja1gJs2Mmp3wMeCacu_LxW11lz_Av7Mlmug==
GET H2	200	medium_thumb_cabd7e5e76a2fda56ffef8adcd181bb2-1716508260 d2jbk7d41q2u2w.cloudfront.net/uploads/trainer/logo/2214452/	26 KB 27 KB	577ms 477ms	Image image/png	2600:9000:223f:d600:d:20e0:b200:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2jbk7d41q2u2w.cloudfront.net/uploads/trainer/logo/2214452/medium_thumb_cabd7e5e76a2fda56ffef8adcd181bb2-1716508260 Requested by Host: fitsport.hostly.app URL: https://fitsport.hostly.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:d600:d:20e0:b200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2249c0e0289f4e4ff3cc955a157febaba9eaa27e30c20a5ad61e8a7111c294d1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 15:53:44 GMT via 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront) last-modified Thu, 23 May 2024 23:51:26 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 etag "cabd7e5e76a2fda56ffef8adcd181bb2" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png accept-ranges bytes content-length 26908 x-amz-cf-id MI1bJyBxkhOHc13d7SDLprwHakaw-nad0UjR0IU4nb8RLTDD-jdswA==
POST H2	200	register_mixpanel_id Show response fitsport.hostly.app/en/api/v1/	2 B 223 B	192ms 192ms	Fetch application/json	137.184.65.98 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://fitsport.hostly.app/en/api/v1/register_mixpanel_id Requested by Host: d9v9yzkvftlqc.cloudfront.net URL: https://d9v9yzkvftlqc.cloudfront.net/static/js/main.71cb0fe8.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 137.184.65.98 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Caddy, Cowboy / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options ALLOW-FROM http://*.stumbleupon.com X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundary0lBhZQK8awEi32uB Response headers x-rack-cors hit date Sat, 08 Jun 2024 15:53:43 GMT content-encoding gzip via 1.1 vegur strict-transport-security max-age=31536000 nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} x-content-type-options nosniff x-xss-protection 1; mode=block reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1717862023&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Z6fa0C05VUBSpwp%2FLFfU8Y3rtcvY8SpISS1hJhUCG7Y%3D x-request-id 756f8d7b-289b-4b28-bd6d-fdd6efe289d6 x-runtime 0.009064 server Caddy, Cowboy access-control-max-age 7200 access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin * report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717862023&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=Z6fa0C05VUBSpwp%2FLFfU8Y3rtcvY8SpISS1hJhUCG7Y%3D"}]} access-control-expose-headers cache-control no-cache, no-store, must-revalidate vary Accept-Encoding, Origin x-frame-options ALLOW-FROM http://*.stumbleupon.com
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html js.stripe.com/v3/ Frame D646	0 0	115ms 39ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://fitsport.hostly.app/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * age 2721152 cache-control max-age=31536000 content-encoding br content-length 154 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sat, 08 Jun 2024 15:53:43 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Fri, 11 Nov 2022 20:25:37 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 79975 x-content-type-options nosniff x-request-id c729eeb0-a41e-4e91-9409-3b6115f19080 x-served-by cache-fra-etou8220069-FRA
GET H2	200	155151481796910 Show response connect.facebook.net/signals/config/	59 KB 12 KB	82ms 81ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/155151481796910?v=2.9.157&r=stable&domain=fitsport.hostly.app&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2a7e480b0df7e4f6d07822fa63622fd6fef295517057a5f7cc56fda7db849f1e Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 08 Jun 2024 15:53:43 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=63, mss=1297, tbw=63527, tp=-1, tpl=-1, uplat=42, ullat=0 pragma public x-fb-debug T3aXKiLNMvke0+YPZU6w4/Nm0kX7FsZtnCt1P6OECyekxzSDbYTRKt8/7PtCRryxp0Bmso3LbXnge6iw+lNPfg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	147ms 40ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=155151481796910&ev=PageView&dl=https%3A%2F%2Ffitsport.hostly.app%2F&rl=&if=false&ts=1717862023800&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717862023799.726078108175849318&ler=empty&cdl=API_unavailable&it=1717862023706&coo=false&rqm=GET Requested by Host: fitsport.hostly.app URL: https://fitsport.hostly.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2827, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sat, 08 Jun 2024 15:53:43 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 475 B	352ms 245ms	Image image/png	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=155151481796910&ev=PageView&dl=https%3A%2F%2Ffitsport.hostly.app%2F&rl=&if=false&ts=1717862023800&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717862023799.726078108175849318&ler=empty&cdl=API_unavailable&it=1717862023706&coo=false&rqm=FGET Requested by Host: fitsport.hostly.app URL: https://fitsport.hostly.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1d34aacc34707296","source_keys":["1","2"]},{"key_piece":"0x28b5d6c00937fdd2","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Sat, 08 Jun 2024 15:53:44 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=44, rtx=0, c=10, mss=1297, tbw=6874, tp=-1, tpl=-1, uplat=203, ullat=0 pragma no-cache x-fb-debug KOuKXRfTz3FeKn6MXFT8ibM6HBjH6es8bilQh40KHIKVAkfSESlgWVo8wFqu9MeMRpw2GoU3leGzgr18wQFxIg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 32 B	146ms 40ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=155151481796910&ev=VirtualPageView&dl=https%3A%2F%2Ffitsport.hostly.app%2F&rl=&if=false&ts=1717862023801&cd[path]=%2Fapp%2F&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1717862023799.726078108175849318&ler=empty&cdl=API_unavailable&it=1717862023706&coo=false&rqm=GET Requested by Host: fitsport.hostly.app URL: https://fitsport.hostly.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2827, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sat, 08 Jun 2024 15:53:43 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 4 KB	349ms 243ms	Image image/png	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=155151481796910&ev=VirtualPageView&dl=https%3A%2F%2Ffitsport.hostly.app%2F&rl=&if=false&ts=1717862023801&cd[path]=%2Fapp%2F&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1717862023799.726078108175849318&ler=empty&cdl=API_unavailable&it=1717862023706&coo=false&rqm=FGET Requested by Host: fitsport.hostly.app URL: https://fitsport.hostly.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x13ae85582bd4567e","source_keys":["1","2"]},{"key_piece":"0x3f1ef29b00f57526","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Sat, 08 Jun 2024 15:53:44 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=44, rtx=0, c=10, mss=1297, tbw=3177, tp=-1, tpl=-1, uplat=202, ullat=0 pragma no-cache x-fb-debug YJJdHchB90Y96fXYI41OGZqE4fZUdfY/emm8dDOdkEdH2Sh8XQXYsMQwfr+gPmiTCR6gJUJ736erxAESfFZkKQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	medium_thumb_0de2584748c81e8c7fdc6769e4dae2b7-1716508260 d2jbk7d41q2u2w.cloudfront.net/uploads/trainer/app_icon/2214452/	105 KB 105 KB	513ms 513ms	Other image/png	2600:9000:223f:d600:d:20e0:b200:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2jbk7d41q2u2w.cloudfront.net/uploads/trainer/app_icon/2214452/medium_thumb_0de2584748c81e8c7fdc6769e4dae2b7-1716508260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:d600:d:20e0:b200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c7eeae02997ec18a17f546068aa025ba7ad3fec78da89c783be461e4b9e612f1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fitsport.hostly.app/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 15:53:45 GMT via 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront) last-modified Thu, 23 May 2024 23:51:27 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 etag "10caf8bf36b6c29307aa5aa037803a41" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png accept-ranges bytes content-length 107439 x-amz-cf-id HTKgYs-8Cw9Jq0KqgkjLXbxSQ6SDu5c-EeLCeg8-g4DWFaI9CLkBLg==

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| appPlatform string| appVersion string| reactApiUrl string| basename string| isPrimaryDomain string| allowDirectSignup string| appBrandName string| hideGetAppPrompt string| appLogoUrl string| skipTracking string| mixpanelDeviceId string| mixpanelToken string| nativePackagePrefix string| iosPackageName string| androidPackageName string| iosAppId string| excludeProgressPhoto object| mixpanel object| webpackChunkStripeJSouter function| noop function| Stripe object| webpackJsonpsf-react object| Faye function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ object| regeneratorRuntime function| User function| Recipe object| __core-js_shared__ object| Waves object| reduxStore string| webPaymentMethod function| fbq function| _fbq

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fitsport.hostly.app/	1969-12-31 23:59:59	Name: start_type Value: normal
			fitsport.hostly.app/	1969-12-31 23:59:59	Name: misc_ab_test_version Value: b
			fitsport.hostly.app/	1969-12-31 23:59:59	Name: timezone_offset Value: -120
			fitsport.hostly.app/	1969-12-31 23:59:59	Name: autoplay_video Value: false
			fitsport.hostly.app/	1969-12-31 23:59:59	Name: browser.timezone Value: Europe%2FBerlin
			fitsport.hostly.app/	1969-12-31 23:59:59	Name: mixpanel_id Value: 18ff88e415279d-00636259c19b3e-26001c51-1d4c00-18ff88e415279d
			.hostly.app/	1970-01-20 23:20:38	Name: _fbp Value: fb.1.1717862023799.726078108175849318
			m.stripe.com/	1970-01-21 06:47:02	Name: m Value: 1ed2ad54-9e6c-4585-a388-bcad8bf48b99e74a5e
			.fitsport.hostly.app/	1970-01-21 05:56:38	Name: __stripe_mid Value: 114596ae-22c0-4135-8ac0-bd13b97e92062a2b2f
			.fitsport.hostly.app/	1970-01-20 21:11:03	Name: __stripe_sid Value: f274030b-7d59-47b9-b350-5c9c71af31c8c603a3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fitsport.hostly.app/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM http://*.stumbleupon.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.mxpnl.com
connect.facebook.net
d2jbk7d41q2u2w.cloudfront.net
d9v9yzkvftlqc.cloudfront.net
fitsport.hostly.app
js.stripe.com
strongrfastr-chat.herokuapp.com
www.facebook.com
137.184.65.98
151.101.0.176
151.101.128.176
2600:1901:0:bc29::
2600:9000:223f:d600:d:20e0:b200:21
2600:9000:275b:8c00:14:ad57:9100:21
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
54.224.34.30
1364c43244ec626c378775630d5dd162eced5d8f72406f2b38898a6867e78272
2249c0e0289f4e4ff3cc955a157febaba9eaa27e30c20a5ad61e8a7111c294d1
2a7e480b0df7e4f6d07822fa63622fd6fef295517057a5f7cc56fda7db849f1e
37084febab395c5ba0c4dac05dbd8e55c5c612cd6c06da6205b12ad96ec93b36
395e1e13608ef6f630c22329001b619f5434fc1eb6567e8d31f600b0fc3c5cc6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
6c1919e0a6e401642b4e7e552536629c3fe3988861b6da78b3d0d578f94caeaf
6f17c7ddbefb575ba2d6c49da99fa53215cd48d6d2877c4584cf7165c679495c
7027559fd028da76f69604843628def318676a4503f35c9db22395b7d65b9794
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
90ec9120246c1684a6142175adb5c13741655454bd18f7043e42aec8b5717bcf
a1b3fd4ae6620e27673514665455a84136bb466289d2b3230b14b4037faab4cd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c7eeae02997ec18a17f546068aa025ba7ad3fec78da89c783be461e4b9e612f1
c8303d52fd5d976dcfc83aa18bc5475a0af1fae2ff2968c0d31c286180d2bb94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6065dea915063a7c89f4592e32e0208701b281d55f3077e3bde07bcfd31b02b