mytermplan.com Open in urlscan Pro
52.52.10.242 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mytermplan.com/
Submission: On August 12 via manual (August 12th 2022, 4:13:37 pm UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 19 domains to perform 55 HTTP transactions. The main IP is 52.52.10.242, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is mytermplan.com.
TLS certificate: Issued by Amazon on April 18th 2022. Valid for: a year.

This is the only time mytermplan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.52.10.242 52.52.10.242	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3036::ac43:9e2a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2600:9000:215... 2600:9000:2156:6e00:12:aa6d:3c00:21	16509 (AMAZON-02) (AMAZON-02)
3	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	34.120.2.161 34.120.2.161	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:d800:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 7	52.70.191.56 52.70.191.56	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:3400:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
2	3.5.76.165 3.5.76.165	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.28 18.66.139.28	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
8	34.204.233.42 34.204.233.42	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.216.81.154 54.216.81.154	16509 (AMAZON-02) (AMAZON-02)
1	54.76.240.228 54.76.240.228	16509 (AMAZON-02) (AMAZON-02)
1	54.245.68.207 54.245.68.207	16509 (AMAZON-02) (AMAZON-02)
1	52.222.206.97 52.222.206.97	16509 (AMAZON-02) (AMAZON-02)
1	23.23.142.3 23.23.142.3	14618 (AMAZON-AES) (AMAZON-AES)
55	27

1 52.52.10.242 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-10-242.us-west-1.compute.amazonaws.com

mytermplan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:9e2a (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2156:6e00:12:aa6d:3c00:21 (United States)

ASN16509 (AMAZON-02, US)

d3si1iee1g6i28.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

familiar-essential.mytermplan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.2.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.2.120.34.bc.googleusercontent.com

www.abp4clk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:d800:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.70.191.56 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-191-56.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:3400:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.76.165 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-28.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.204.233.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-233-42.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.81.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-81-154.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.240.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-240-228.eu-west-1.compute.amazonaws.com

ws41.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.245.68.207 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-245-68-207.us-west-2.compute.amazonaws.com

www.trustedsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-97.fra56.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.142.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-142-3.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	cloudfront.net d3si1iee1g6i28.cloudfront.net d2m2wsoho8qq12.cloudfront.net	1 MB
9	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 17207 cdn.trustedform.com — Cisco Umbrella Rank: 18889	41 KB
8	leadid.com create.leadid.com — Cisco Umbrella Rank: 11587	5 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 642 script.hotjar.com — Cisco Umbrella Rank: 770 vars.hotjar.com — Cisco Umbrella Rank: 803 in.hotjar.com — Cisco Umbrella Rank: 1526 ws41.hotjar.com — Cisco Umbrella Rank: 56421	69 KB
4	mytermplan.com mytermplan.com familiar-essential.mytermplan.com	31 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	388 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2742	363 B
2	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	111 KB
2	ywxi.net cdn.ywxi.net — Cisco Umbrella Rank: 9076	13 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	144 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 11684	2 KB
1	trustedsite.com www.trustedsite.com — Cisco Umbrella Rank: 14533	944 B
1	gstatic.com fonts.gstatic.com	27 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 17473	39 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
1	abp4clk.com www.abp4clk.com — Cisco Umbrella Rank: 724087	18 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1278	42 KB
1	rsms.me rsms.me — Cisco Umbrella Rank: 13278	2 KB
55	19

	Domain	Requested by
9	d3si1iee1g6i28.cloudfront.net	mytermplan.com d3si1iee1g6i28.cloudfront.net cdn.trustedform.com
8	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
7	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
3	familiar-essential.mytermplan.com	mytermplan.com
2	www.facebook.com	mytermplan.com
2	region1.google-analytics.com	www.googletagmanager.com
2	s3-us-west-2.amazonaws.com	cdn.ywxi.net
2	cdn.trustedform.com	mytermplan.com api.trustedform.com
2	connect.facebook.net	mytermplan.com connect.facebook.net
2	cdn.ywxi.net	mytermplan.com
2	www.googletagmanager.com	mytermplan.com www.googleoptimize.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	www.trustedsite.com	cdn.ywxi.net
1	ws41.hotjar.com	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	fonts.gstatic.com	fonts.googleapis.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	create.lidstatic.com	mytermplan.com
1	static.hotjar.com	mytermplan.com
1	fonts.googleapis.com	d3si1iee1g6i28.cloudfront.net
1	www.abp4clk.com	mytermplan.com
1	www.googleoptimize.com	mytermplan.com
1	rsms.me	mytermplan.com
1	mytermplan.com
55	26

This site contains links to these domains. Also see Links.

Domain
app.termly.io
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
mytermplan.com Amazon	`2022-04-18` - `2023-05-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
familiar-essential.mytermplan.com R3	`2022-07-20` - `2022-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
abp4clk.com Starfield Secure Certificate Authority - G2	`2022-05-20` - `2023-06-21`	a year	crt.sh
*.ywxi.net Amazon	`2022-07-05` - `2023-08-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-22` - `2022-08-20`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2022-03-30` - `2023-03-30`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
create.leadid.com Amazon	`2021-10-22` - `2022-11-19`	a year	crt.sh
*.trustedsite.com Amazon	`2022-01-25` - `2023-02-23`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh
*.trustedform.com Amazon	`2021-10-12` - `2022-11-09`	a year	crt.sh
cdn.trustedform.com Amazon	`2022-04-14` - `2023-05-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://mytermplan.com/
Frame ID: 9CD669E7D55CD820AAF18C2295A3C7A3
Requests: 52 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: 122669E0186661D309EBE00ADDBF5458
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=AC452B9B-C22C-3B1E-8364-032105F2F6DC&lac=1C08D750-3A5B-6AE9-D82D-3EAD2E90EE45
Frame ID: 7807DD38A13D659A4632B415781B51A8
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=AC452B9B-C22C-3B1E-8364-032105F2F6DC&lac=1C08D750-3A5B-6AE9-D82D-3EAD2E90EE45
Frame ID: 627D1DBD5D8230928B8E3459B975E8F0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Term Plan - Plant the Seeds of Protection

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

55
Requests

98 %
HTTPS

46 %
IPv6

19
Domains

26
Subdomains

27
IPs

4
Countries

2072 kB
Transfer

3912 kB
Size

16
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://app.termly.io/document/privacy-policy/4fdc80a7-e368-413b-82a5-bc5503e3f396
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://app.termly.io/document/terms-of-use-for-website/897844db-3cc8-4ebb-9ef6-50c0452b6339
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://app.termly.io/document/disclaimer/5174dc9e-79ca-40b2-9cff-a57fefe2292d
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://app.termly.io/notify/4fdc80a7-e368-413b-82a5-bc5503e3f396
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mytermplan

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mytermplan

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16603208095920.7921511196100195 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16603208095920.7921511196100195

55 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mytermplan.com/ 27 KB
27 KB 871ms
485ms Document
text/html 52.52.10.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mytermplan.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.10.242 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-10-242.us-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: cbdaca5ed5b5d0363f4ab77e09656664baa735631ca70d5de19f98486b6ed42c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-length: 27286
content-type: text/html; charset=UTF-8
date: Fri, 12 Aug 2022 16:13:22 GMT
server: awselb/2.0

GET
H2 200 inter.css
rsms.me/inter/ 5 KB
2 KB 69ms
20ms Stylesheet
text/css 2606:4700:3036::ac43:9e2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: mytermplan.com
URL: https://mytermplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-fastly-request-id: 234049953f90a2488fe0c93f0af78ed304d7c32a
date: Fri, 12 Aug 2022 16:13:22 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 379
x-cache: HIT
x-cache-hits: 2
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19157-FRA
last-modified: Thu, 04 Aug 2022 16:06:36 GMT
server: cloudflare
x-github-request-id: E8C2:9144:56F040:5D0678:62EBEEE1
x-timer: S1659629790.009815,VS0,VE0
etag: W/"62ebee8c-1490"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgki6GM9GzHWGkDoLYRuh7mCv%2FGCHQALaih%2B0WB5ua6uJ8iQC%2F0UNjG3bgQt1mb2JNq1%2F9p3PX4d%2F76HOyi93WCSGRRZNNWi1G6r54BgYmp3M%2FLL4eoCWSu7Xc1haDqoZfAp5SjR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: HIT
cf-ray: 739a7f79f8c69223-FRA
x-origin-cache: HIT
expires: Tue, 09 Aug 2022 22:54:40 GMT

GET
H2 200 app.css
d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/css/ 40 KB
8 KB 70ms
21ms Stylesheet
text/css 2600:9000:2156:6e00:12:aa6d:3c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/css/app.css
Requested by: Host: mytermplan.com
URL: https://mytermplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:12:aa6d:3c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 466465617d2f5a0c5080bfdebd636bafd0c1d1868403c9f6ea066a0835b6c554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 23:44:49 GMT
content-encoding: br
last-modified: Wed, 03 Aug 2022 21:05:05 GMT
server: AmazonS3
age: 750514
etag: W/"791567b36e81b02c8cd98ad5d040f021"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vZitEpNbJbWll5yASBoEwU0SakmfVra59psfirsULRnRa1Zz2UZhlQ==
expires: Sat, 03 Sep 2022 21:05:02 GMT

GET
H2 200 script.js Show response
familiar-essential.mytermplan.com/ 6 KB
2 KB 500ms
428ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://familiar-essential.mytermplan.com/script.js
Requested by: Host: mytermplan.com
URL: https://mytermplan.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 205c77c16b37bdc82a9714688d86381df1e4ff889360b581eaff151e42d0e1f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:23 GMT
content-encoding: br
cdn-edgestorageid: 832
x-amz-request-id: RNZD3X4YSEXR1BGV
cdn-cachedat: 08/12/2022 16:13:23
cdn-pullzone: 812869
x-amz-id-2: Dw11z+hBmXwAOC2ypTpim9Bo6IPaYif/dF2WURBQKwzPaevaMnnQmjB0mX11dcMQWswyd5tYCSQ=
server: BunnyCDN-DE-832
last-modified: Mon, 08 Aug 2022 21:30:04 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"89cd0c0281f0bca4a9782af393685fa8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: MISS
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: 6e76eb2fa1be0063477a66d3165e812b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
72 KB 204ms
124ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5JE9TYWZ47

Requested by

Host: mytermplan.com
URL: https://mytermplan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d36348f5b5c5a68676f26dd81687c4d330a916f3972d4466dd0b4ef9b853eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73259
x-xss-protection: 0
expires: Fri, 12 Aug 2022 16:13:23 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 107 KB
42 KB 146ms
50ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-K7X5SFM

Requested by

Host: mytermplan.com
URL: https://mytermplan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee052bff7a0f8a30f3531d5181eb420e6b02858554180fa96e95369245e565e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42205
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Aug 2022 16:13:22 GMT

GET
H2 200 everflow.js Show response
www.abp4clk.com/scripts/sdk/ 58 KB
18 KB 288ms
142ms Script
text/javascript 34.120.2.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.abp4clk.com/scripts/sdk/everflow.js
Requested by: Host: mytermplan.com
URL: https://mytermplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.2.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 161.2.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b59e5aeeda81e37fefe6ae45ca9dfb38b63f604b5e63ab98d275cbaa675c4192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:23 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=14400
x-eflow-request-id: 35ae2c92-089a-45a7-853c-f23b74c0d13a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 app.js Show response
d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/js/ 1013 KB
234 KB 29ms
23ms Script
application/javascript 2600:9000:2156:6e00:12:aa6d:3c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/js/app.js
Requested by: Host: mytermplan.com
URL: https://mytermplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:12:aa6d:3c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0202c1424cdd09e5db918308e7ff8ae769c8ab5eb75e8d4a25af2a84f422f0d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 23:44:49 GMT
content-encoding: br
last-modified: Wed, 03 Aug 2022 21:05:05 GMT
server: AmazonS3
age: 750514
etag: W/"41a9eb26690bbc2262265b49b8cf0cf6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oYiNbZE4FTtD-nTdEwcnHI6daYRhNiT4mxxiWd_cy95aguan7Sd5SQ==
expires: Sat, 03 Sep 2022 21:05:02 GMT

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 19 KB
5 KB 93ms
8ms Script
text/javascript 2600:9000:225e:d800:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: mytermplan.com
URL: https://mytermplan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:d800:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1401
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 4567
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: ZXwVivG4uOosaKJxH4YkwNZu0X_EzwHFD8ciTh5v6WGDEfXj3Km2mQ==
expires: Fri, 12 Aug 2022 16:50:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ 26 KB
2 KB 145ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lora:wght@400;500;600;700&family=Mulish:wght@200;300;400;500;600;700;800;900&family=Ubuntu:wght@300;400;500;700&display=swap

Requested by

Host: d3si1iee1g6i28.cloudfront.net
URL: https://d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98c1e5f6c27d53f0d7c1515dda6e4ae5d48f913e74e081b61bdff063030e62df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3si1iee1g6i28.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 16:13:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 12 Aug 2022 16:13:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Aug 2022 16:13:23 GMT

GET
H2 200 hotjar-2914580.js Show response
static.hotjar.com/c/ 4 KB
2 KB 91ms
37ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2914580.js?sv=6

Requested by

Host: mytermplan.com
URL: https://mytermplan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

01e10eb2816424af4cd71acd6dcb3d2facfe346d8b58f7641a532ff25324a6a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/eced09adcc715652eb0398575777204a
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: k1rBX_0TcAZlfHmi9CJsE5dt3tuKtFiSZqtk8YCtkVq9noSzMSd6gA==
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 74ms
20ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mytermplan.com
URL: https://mytermplan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: YUd/Gp0d5k0CZ5Yjhj4/hDZ7KnaRTAUfzkKH+bYtjY9Onwn0zkXYtmmEOZ1Mta68rz7Os9H+1OCfxXgvHIFJFA==
x-fb-trip-id: 720026100
x-frame-options: DENY
date: Fri, 12 Aug 2022 16:13:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
72 KB 121ms
59ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5JE9TYWZ47&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-K7X5SFM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e36af9ebbbc02b7bfd3c2306accb77f7c2d373748fc88425703680852d5c448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73402
x-xss-protection: 0
expires: Fri, 12 Aug 2022 16:13:23 GMT

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16603208095920.7921511196100195
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16603208095920.7921511196100195

8 KB
4 KB

393ms
219ms

Script
application/javascript

2600:9000:223d:3400:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16603208095920.7921511196100195
Requested by: Host: mytermplan.com
URL: https://mytermplan.com/
Protocol: H2
Server: 2600:9000:223d:3400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c98c65185f0c687986fab5e2b66b56d7f89b896d1aa7dae48ccb466ee58ef46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:24 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 15:11:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: W/"af2c721f28d4f08f6dd1e2d1538d6d5e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
x-amz-version-id: M4BYxzuwDsSLMzNpxHSURX978fUhoR5T
x-amz-cf-id: kU7kFCIz7Hmt_Ej7usgy7hlZLDdiwezcQKU4x4ypnaUPXJJKxxao_g==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16603208095920.7921511196100195
date: Fri, 12 Aug 2022 16:13:23 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 ac452b9b-c22c-3b1e-8364-032105f2f6dc.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 449ms
411ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/ac452b9b-c22c-3b1e-8364-032105f2f6dc.js?snippet_version=2
Requested by: Host: mytermplan.com
URL: https://mytermplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 389a21f9fbc323bee7576ca975e9c755231a71659205635fe49ed854b3956eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:23 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Nov 2021 01:05:07 GMT
server: cloudflare
x-amz-request-id: 7K57W08M7EM5K0HR
etag: W/"b652cd222e7d7b3ee624304126127749"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 739a7f7c1b2fbba9-FRA
x-amz-version-id: OfZ8.3VcKJpZSKvFZUs28IXQBNYeTmYU
x-amz-id-2: YItGavoSFXboihlRKapPMWGuH8VPkcSdz1Rnv64cYriMkXWV2IAn3UEvfJJHJ3hrNytdN61KJiM=

GET
H2 200 modules.8b83be320cd47888a36c.js Show response
script.hotjar.com/ 249 KB
64 KB 39ms
10ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8b83be320cd47888a36c.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2914580.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 10:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19157
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 65169
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 10:53:25 GMT
etag: "aa31991b0402338880bb68565eec8d76"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 3vPrP_QlsFnfpafxrdlQiXST6EPDbvLIfwmv6yd8ewh2yoerklEwEA==

GET
H2 200 1088754038346051 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 210ms
209ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1088754038346051?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

632f8ad2385a054015f1b0c3e77db64f3b540fe7e76075b55d714c68bc23e41f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: /xdXsIK3FM+2ZfbpTRCcwp3udUlc19fT52fHUkC7ou/dsFZZWQHm0LQSzNVkX9ingV8AgstY/ZAAhG7CRNM3uw==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 12 Aug 2022 16:13:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1660320803470
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/mytermplan.com/ 221 B
999 B 756ms
240ms XHR
application/json 3.5.76.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/mytermplan.com/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.76.165 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 72d6e2d471513737dc4f8cdcbab65748167793c113ec1915044e2d29ec3f19b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 16:13:24 GMT
Content-Encoding: gzip
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: RNZ8F61MFWZRPQY4
x-amz-replication-status: COMPLETED
Content-Length: 177
x-amz-id-2: 0jfn4jqO7RRWb2K3/ul0+c5N5MVwJmA+q/CgOFPgKuha5vRiILyRyG6LyhpSe6/uVb+3pAb6OrMl3HaPmNRP6w==
Last-Modified: Tue, 26 Jul 2022 17:04:20 GMT
Server: AmazonS3
ETag: "e59f1a5e4c16c5d3bf798d7f4e637205"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: iv4Jt5DzgVU8xNMhpbZnwUsAXVD.xA1J
Access-Control-Allow-Origin: https://mytermplan.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/json

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/mytermplan.com/ 221 B
999 B 757ms
240ms XHR
application/json 3.5.76.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/mytermplan.com/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.76.165 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 72d6e2d471513737dc4f8cdcbab65748167793c113ec1915044e2d29ec3f19b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 16:13:24 GMT
Content-Encoding: gzip
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: RNZ2MSS0H004WF10
x-amz-replication-status: COMPLETED
Content-Length: 177
x-amz-id-2: bp2G10wwzbYc5b9OR2d71jbFhuV9ksoWXNJarNhgXkXAXg1vmYYSEpyIP62l9Lb/VMWjq9xjoD8giDbKC7H9bQ==
Last-Modified: Tue, 26 Jul 2022 17:04:20 GMT
Server: AmazonS3
ETag: "e59f1a5e4c16c5d3bf798d7f4e637205"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: iv4Jt5DzgVU8xNMhpbZnwUsAXVD.xA1J
Access-Control-Allow-Origin: https://mytermplan.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/json

GET
H2 200 box-1ada912494ba7fc7aca15fcef1c2a7ae.html Show response
vars.hotjar.com/ Frame 1226 2 KB
1 KB 52ms
7ms Document
text/html 18.66.139.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2914580.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-28.fra60.r.cloudfront.net

Software

Resource Hash

90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://mytermplan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2619617
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 08:33:06 GMT
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-id: GBZvHoozmc8-zg261bmn6RDOhyRfQkvITHc1OBUEteloCt7nDaxdxg==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 132ms
38ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@400;500;600;700&family=Mulish:wght@200;300;400;500;600;700;800;900&family=Ubuntu:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mytermplan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 22:12:37 GMT
x-content-type-options: nosniff
age: 324046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 22:12:37 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 219ms
43ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5JE9TYWZ47&gtm=2oe880&_p=487433896&cid=1188269354.1660320810&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660320810&sct=1&seg=0&dl=https%3A%2F%2Fmytermplan.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JE9TYWZ47&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 16:13:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mytermplan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mtp-tree.png
d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/ 8 KB
8 KB 654ms
654ms Image
image/png 2600:9000:2156:6e00:12:aa6d:3c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/mtp-tree.png?4614ea35e55513e7ece96ef5ad2a0ee2
Requested by: Host: mytermplan.com
URL: https://mytermplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:12:aa6d:3c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 920c1b269c5c05fa2bc01dc648f78a521dd4cc27468a9b44821d4a16f7c2cb17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:25 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Wed, 03 Aug 2022 21:05:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "b068e447da4b387ee3fd88afe440bf5e"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7845
x-amz-cf-id: rWplZKRS5kBRDTy_vms-uHt-TiyrD7xDo8assxP-RL4wE7U_MJBnYQ==
expires: Mon, 22 Aug 2022 14:52:42 GMT

GET
H2 200 mtp-document.jpg
d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/ 216 KB
217 KB 684ms
684ms Image
image/jpeg 2600:9000:2156:6e00:12:aa6d:3c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/mtp-document.jpg?4952a99bf12fae5142a63e58252d63d3
Requested by: Host: mytermplan.com
URL: https://mytermplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:12:aa6d:3c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d85501d2ff8e3fa6f1bddbf5acf75909340b0d2f02e1b7b0e48fe2da6a6118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:25 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Wed, 03 Aug 2022 21:05:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "f2eb05a65380ba5ef0f61d2a0f90f126"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 221535
x-amz-cf-id: J5MjsJ-9eg9F33538X0sqpoj1SnrcjZ6G1Pt5DVtnt0YT6D2GETRQQ==
expires: Mon, 22 Aug 2022 14:52:42 GMT

GET
H2 200 mtp-support.jpg
d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/ 292 KB
293 KB 691ms
691ms Image
image/jpeg 2600:9000:2156:6e00:12:aa6d:3c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/mtp-support.jpg?029a9edaeae1a8e8acaf02cf776ca231
Requested by: Host: mytermplan.com
URL: https://mytermplan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:12:aa6d:3c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d86bc060dfd7688a7d87d7a72a909e86caa73e74e19cc73e5deb2faf71ff2f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:25 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Wed, 03 Aug 2022 21:05:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "7b9568ea4f6b30ae6f8dbe1bee22a080"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 298768
x-amz-cf-id: ynDScC0RzJAkcAQFdwHXbna6VJEQtlHXT2O3KogeesRQlsJD7yKu8w==
expires: Mon, 22 Aug 2022 14:52:42 GMT

GET
H2 200 mtp-splash.jpg
d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/ 234 KB
234 KB 691ms
691ms Image
image/jpeg 2600:9000:2156:6e00:12:aa6d:3c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/mtp-splash.jpg?7741e993b0742c30ee35d8c5be10c38a
Requested by: Host: d3si1iee1g6i28.cloudfront.net
URL: https://d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/css/app.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:12:aa6d:3c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4688c3489791b0259e34a820539ab27863f2c7cad9105283364c9021ee2983d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/css/app.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:25 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Wed, 03 Aug 2022 21:05:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "5aed16ed03538f5abf91cc6be56add34"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 239284
x-amz-cf-id: sds3iq6dm2OUZnIzrlcr9e3EmQ3LvahKcVG8JQ6luozWV5K9m1sWyQ==
expires: Mon, 22 Aug 2022 14:52:42 GMT

GET
H2 200 /
familiar-essential.mytermplan.com/ 43 B
425 B 14ms
13ms Image
image/gif 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://familiar-essential.mytermplan.com/?v=eyJoIjoiaHR0cHM6Ly9teXRlcm1wbGFuLmNvbSIsInAiOiIvIiwiciI6IiIsInNpZCI6IllGSkNXTVRaIiwicXMiOnt9LCJjaWQiOjgyNTcwNTA2fQ%3D%3D
Requested by: Host: mytermplan.com
URL: https://mytermplan.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:23 GMT
cdn-edgestorageid: 832
cdn-cachedat: 08/12/2022 16:13:23
cdn-pullzone: 812869
content-length: 43
server: BunnyCDN-DE-832
pragma: no-cache
cdn-proxyver: 1.02
cdn-requestpullcode: 200
tk: N
content-type: text/plain; charset=utf-8, image/gif
cdn-cache: MISS
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: 6065ad00f333d33bd3ae59c242c3cdcc
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
familiar-essential.mytermplan.com/ 43 B
425 B 224ms
224ms Image
image/gif 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://familiar-essential.mytermplan.com/?v=eyJoIjoiaHR0cHM6Ly9teXRlcm1wbGFuLmNvbSIsInAiOiIvIiwiciI6IiIsInNpZCI6IllGSkNXTVRaIiwicXMiOnt9LCJjaWQiOjkxODA3NTkyfQ%3D%3D
Requested by: Host: mytermplan.com
URL: https://mytermplan.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:24 GMT
cdn-edgestorageid: 832
cdn-cachedat: 08/12/2022 16:13:24
cdn-pullzone: 812869
content-length: 43
server: BunnyCDN-DE-832
pragma: no-cache
cdn-proxyver: 1.02
cdn-requestpullcode: 200
tk: N
content-type: text/plain; charset=utf-8, image/gif
cdn-cache: MISS
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: 7b32af6c4faf185b52b0fcf0e78c089c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
659 B 350ms
137ms XHR
text/plain 34.204.233.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=c91341fb-997b-4c06-a96f-0d49047766cd&_=191461319

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/ac452b9b-c22c-3b1e-8364-032105f2f6dc.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.233.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-233-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3bd5704d1143897349d69e73dc8e4fc2421cd50e0ca1060456d91e13489a96a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Aug 2022 16:13:24 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 37ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1088754038346051&ev=PageView&dl=https%3A%2F%2Fmytermplan.com%2F&rl=&if=false&ts=1660320810233&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660320810231.1424367365&it=1660320809692&coo=false&rqm=GET

Requested by

Host: mytermplan.com
URL: https://mytermplan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 12 Aug 2022 16:13:23 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2914580/ 147 B
322 B 105ms
36ms XHR
application/json 54.216.81.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2914580/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8b83be320cd47888a36c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.81.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-81-154.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 12 Aug 2022 16:13:23 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 content Show response
ws41.hotjar.com/api/v2/sites/2914580/recordings/ 66 B
260 B 251ms
94ms XHR
application/json 54.76.240.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws41.hotjar.com/api/v2/sites/2914580/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8b83be320cd47888a36c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.240.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-240-228.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 97c77640d1f0a522152aa8c728d14751ae78a3cd3e960483f8e35eeafa6944aa

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 12 Aug 2022 16:13:24 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 ajax Show response
www.trustedsite.com/rpc/ 6 B
944 B 552ms
171ms Script
text/javascript 54.245.68.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=mytermplan.com&rand=1660320810452

Requested by

Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.245.68.207 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-245-68-207.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:24 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-length: 26
x-content-type-options: nosniff

GET
H2 200 205.svg
cdn.ywxi.net/meter/mytermplan.com/ 20 KB
8 KB 159ms
159ms Image
image/svg+xml 2600:9000:225e:d800:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.ywxi.net/meter/mytermplan.com/205.svg?ts=1658855059195&l=en-US

Requested by

Host: mytermplan.com
URL: https://mytermplan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:d800:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1a0989896f2933670321396aa9d0581db5ec8bdf3327691ca35f9c4bfa98c8fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:24 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-amz-cf-pop: FRA60-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: image/svg+xml
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
cache-control: public
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-length: 7400
x-content-type-options: nosniff
x-amz-cf-id: yXfWNqgQ9XxP1iLC6I7A9TZPmwGJAdgSIE2snD-eHOlqIEW9Vz65Ag==
expires: Fri, 12 Aug 2022 17:13:23 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 7807 3 KB
2 KB 55ms
8ms Document
text/html 52.222.206.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=AC452B9B-C22C-3B1E-8364-032105F2F6DC&lac=1C08D750-3A5B-6AE9-D82D-3EAD2E90EE45

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/ac452b9b-c22c-3b1e-8364-032105f2f6dc.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.206.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-206-97.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mytermplan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 66000
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 11 Aug 2022 21:53:31 GMT
ETag: W/"6298d697-dbb"
Last-Modified: Thu, 02 Jun 2022 15:26:15 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
X-Amz-Cf-Id: YKS6JCa0ucCPgg9Gy1pQpnuWDI58bFPBM-KIxlYzYl5zl3_qMaNvDQ==
X-Amz-Cf-Pop: FRA56-P3
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
621 B 117ms
117ms XHR
text/plain 34.204.233.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=c91341fb-997b-4c06-a96f-0d49047766cd&token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&_=191461320

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/ac452b9b-c22c-3b1e-8364-032105f2f6dc.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.233.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-233-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Aug 2022 16:13:24 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
622 B 101ms
101ms XHR
text/plain 34.204.233.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=c91341fb-997b-4c06-a96f-0d49047766cd&token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&_=191461321

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/ac452b9b-c22c-3b1e-8364-032105f2f6dc.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.233.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-233-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Aug 2022 16:13:24 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 627D 4 KB
2 KB 311ms
100ms Document
text/html 23.23.142.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=AC452B9B-C22C-3B1E-8364-032105F2F6DC&lac=1C08D750-3A5B-6AE9-D82D-3EAD2E90EE45
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=AC452B9B-C22C-3B1E-8364-032105F2F6DC&lac=1C08D750-3A5B-6AE9-D82D-3EAD2E90EE45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.142.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-142-3.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Fri, 12 Aug 2022 16:13:24 GMT
etag: W/"62a74f42-1049"
expires: Sat, 13 Aug 2022 16:13:24 GMT
last-modified: Mon, 13 Jun 2022 14:52:50 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame 627D 0
626 B 295ms
103ms Script
text/javascript 34.204.233.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=1C08D750-3A5B-6AE9-D82D-3EAD2E90EE45&lck=AC452B9B-C22C-3B1E-8364-032105F2F6DC&methods=48&token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&uuid=4247a053cfa2465abcde05e990195c56

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=AC452B9B-C22C-3B1E-8364-032105F2F6DC&lac=1C08D750-3A5B-6AE9-D82D-3EAD2E90EE45

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.233.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-233-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:24 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 391ms
103ms XHR
text/plain 34.204.233.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=c91341fb-997b-4c06-a96f-0d49047766cd&token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&_=191461322

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/ac452b9b-c22c-3b1e-8364-032105f2f6dc.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.233.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-233-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Aug 2022 16:13:24 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 302ms
101ms XHR
application/json 52.70.191.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16603208095920.7921511196100195
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.191.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-191-56.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ef7df21aea60561b7a3966d64cdef9dd8cc2ecc09b9ef91c576aa19231e2af48

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Aug 2022 16:13:25 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 trustedform-1.8.26.js Show response
cdn.trustedform.com/ 97 KB
36 KB 9ms
8ms Script
application/javascript 2600:9000:223d:3400:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16603208095920.7921511196100195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33da22f0d9d8386d0028f02a1f0052807daae08d3d6f14eb47e7262735d9b98b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: YhD1w8vOtRO5jDnJaxxF8bLdiuVEBdVt
content-encoding: gzip
last-modified: Tue, 10 May 2022 15:11:25 GMT
server: AmazonS3
age: 22
etag: W/"d9aa7fe810084b856ea5e1fed26caefa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
date: Fri, 12 Aug 2022 16:13:05 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 63WClth2S73i4dbS2K-mAHs6a7LOcTKnq_UuWBzAd6iPmKBBaCMZKA==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/f887f4fb8975d2bf5a30f73ba568c25d08c9f8c7/ 0
159 B 201ms
201ms XHR
text/plain 52.70.191.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f887f4fb8975d2bf5a30f73ba568c25d08c9f8c7/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.191.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-191-56.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 12 Aug 2022 16:13:25 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H2 200 mtp-tree.png
d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/ 8 KB
8 KB 13ms
12ms Image
image/png 2600:9000:2156:6e00:12:aa6d:3c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/mtp-tree.png?4614ea35e55513e7ece96ef5ad2a0ee2
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:12:aa6d:3c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 920c1b269c5c05fa2bc01dc648f78a521dd4cc27468a9b44821d4a16f7c2cb17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:25 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Wed, 03 Aug 2022 21:05:06 GMT
server: AmazonS3
age: 1
etag: "b068e447da4b387ee3fd88afe440bf5e"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7845
x-amz-cf-id: j077D5tek9b5sS5SeyJAKxzHjowkshHm0d5KA5jVPBu3KvctYClgJg==
expires: Mon, 22 Aug 2022 14:52:42 GMT

GET
H2 200 mtp-document.jpg
d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/ 216 KB
217 KB 29ms
28ms Image
image/jpeg 2600:9000:2156:6e00:12:aa6d:3c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/mtp-document.jpg?4952a99bf12fae5142a63e58252d63d3
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:12:aa6d:3c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d85501d2ff8e3fa6f1bddbf5acf75909340b0d2f02e1b7b0e48fe2da6a6118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:25 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Wed, 03 Aug 2022 21:05:06 GMT
server: AmazonS3
age: 1
etag: "f2eb05a65380ba5ef0f61d2a0f90f126"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 221535
x-amz-cf-id: 8n-_gVj4Bd-cb1fEHHcllBnZeei9tk5CKOsc6p24yIBO3Z0vlNC15g==
expires: Mon, 22 Aug 2022 14:52:42 GMT

GET
H2 200 mtp-support.jpg
d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/ 292 KB
292 KB 12ms
12ms Image
image/jpeg 2600:9000:2156:6e00:12:aa6d:3c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3si1iee1g6i28.cloudfront.net/5440cc01-c3f1-4d00-84b1-f87965bceed4/images/mtp-support.jpg?029a9edaeae1a8e8acaf02cf776ca231
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:12:aa6d:3c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d86bc060dfd7688a7d87d7a72a909e86caa73e74e19cc73e5deb2faf71ff2f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:25 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Wed, 03 Aug 2022 21:05:06 GMT
server: AmazonS3
age: 1
etag: "7b9568ea4f6b30ae6f8dbe1bee22a080"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 298768
x-amz-cf-id: JfmRqNCBmWEpToQmdxAO9R-c7OWTSUw9v-F_HUrIHL2Rlc61JxDBCg==
expires: Mon, 22 Aug 2022 14:52:42 GMT

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/f887f4fb8975d2bf5a30f73ba568c25d08c9f8c7/ 0
159 B 194ms
194ms XHR
text/plain 52.70.191.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f887f4fb8975d2bf5a30f73ba568c25d08c9f8c7/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.191.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-191-56.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 12 Aug 2022 16:13:25 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1088754038346051&ev=Microdata&dl=https%3A%2F%2Fmytermplan.com%2F&rl=&if=false&ts=1660320811745&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22My%20Term%20Plan%20-%20Plant%20the%20Seeds%20of%20Protection%22%2C%22meta%3Adescription%22%3A%22Home%20meta%20description%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.75&r=stable&ec=1&o=30&fbp=fb.1.1660320810231.1424367365&it=1660320809692&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 16:13:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 12 Aug 2022 16:13:25 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
621 B 100ms
100ms XHR
text/plain 34.204.233.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=5&pid=c91341fb-997b-4c06-a96f-0d49047766cd&token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&_=191461323

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/ac452b9b-c22c-3b1e-8364-032105f2f6dc.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.233.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-233-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Aug 2022 16:13:25 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
621 B 101ms
100ms XHR
text/plain 34.204.233.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=6&pid=c91341fb-997b-4c06-a96f-0d49047766cd&token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&_=191461324

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/ac452b9b-c22c-3b1e-8364-032105f2f6dc.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.233.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-233-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Aug 2022 16:13:25 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/f887f4fb8975d2bf5a30f73ba568c25d08c9f8c7/ 0
159 B 102ms
101ms XHR
text/plain 52.70.191.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f887f4fb8975d2bf5a30f73ba568c25d08c9f8c7/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.191.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-191-56.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 12 Aug 2022 16:13:26 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 108ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5JE9TYWZ47&gtm=2oe880&_p=487433896&cid=1188269354.1660320810&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1660320810&sct=1&seg=0&dl=https%3A%2F%2Fmytermplan.com%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=26
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JE9TYWZ47&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mytermplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 16:13:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mytermplan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/f887f4fb8975d2bf5a30f73ba568c25d08c9f8c7/ 0
159 B 102ms
101ms XHR
text/plain 52.70.191.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f887f4fb8975d2bf5a30f73ba568c25d08c9f8c7/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.191.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-191-56.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 12 Aug 2022 16:13:29 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 387ms
292ms XHR
text/plain 34.204.233.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=7&pid=c91341fb-997b-4c06-a96f-0d49047766cd&token=F92B85D6-FBBC-4700-12EB-209C974AFB9F&_=191461325

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/ac452b9b-c22c-3b1e-8364-032105f2f6dc.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.233.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-233-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Aug 2022 16:13:30 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/f887f4fb8975d2bf5a30f73ba568c25d08c9f8c7/ 0
159 B 101ms
101ms XHR
text/plain 52.70.191.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f887f4fb8975d2bf5a30f73ba568c25d08c9f8c7/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.191.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-191-56.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mytermplan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 12 Aug 2022 16:13:30 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mytermplan.com/	1970-01-20 05:12:08	Name: crowdfront_session Value: eyJpdiI6IkNSQUhGWExOTlc1ZndMZzhmWmJ3bHc9PSIsInZhbHVlIjoiU3NjazYrTkdRTDQwekNUUEVjekdId1JNR1QvYURsTVczTWszTTVvZmd6TnJNa2I2YlNpa0dCc25vY3R5RkdGakxxYnk5c1NKU2JHZ3hYNzgxQnJiTXJRdHpSOUIyRGxST1pmcnRhN25FNkVFVUZ1dHhnMWtETXl4V2RqdkkvUG0iLCJtYWMiOiIzM2YyYzdjODk0MGMxZTcwYzQ4Y2MyMjAyYzRhMWRiZmFkMTY1OTY2MDhmODQ1YjUzZTE4MmE4YmViNWQ2YWYwIiwidGFnIjoiIn0%3D
mytermplan.com/	1970-01-20 05:12:08	Name: XSRF-TOKEN Value: eyJpdiI6IkNJM0FXZStkamZyR2VNMGhvYkhQbXc9PSIsInZhbHVlIjoiemQvRGpuWHVjY1ZLYXVzUENySElpaEZMdXZWdW9BUVA0b0lDdmordFljaFM0SmdCejAzZDlYa0FtZHBCMTV1V2g0TmtSUW9MVlNrcEFvdVd1cGhwZ2t0MWNFRFNFRXBuRHJKWjgyU1ZISnMxQ0lkSDBLYXJadTdRTGt5R1BWY24iLCJtYWMiOiIzYzUzZjE3YjNkZTdlNGE2NDY1OGJiZjRjNTQxMDQxZWQyNmUwNTA1OTk1OGJjY2ZlMjJlZjU0ZTBhMGY1YzBhIiwidGFnIjoiIn0%3D
.mytermplan.com/	1970-01-20 14:48:00	Name: _ga_5JE9TYWZ47 Value: GS1.1.1660320810.1.0.1660320810.0
.mytermplan.com/	1970-01-20 14:48:00	Name: _ga Value: GA1.1.1188269354.1660320810
.mytermplan.com/	1970-01-20 07:21:36	Name: _fbp Value: fb.1.1660320810231.1424367365
.mytermplan.com/	1970-01-20 13:57:36	Name: _hjSessionUser_2914580 Value: eyJpZCI6IjE2MmVhNTk1LWRiYzgtNTA1ZS1hNjVlLTEwZDk1NjczYTVmMCIsImNyZWF0ZWQiOjE2NjAzMjA4MDk3NzAsImV4aXN0aW5nIjpmYWxzZX0=
.mytermplan.com/	1970-01-20 05:12:02	Name: _hjFirstSeen Value: 1
mytermplan.com/	1970-01-20 05:12:00	Name: _hjIncludedInSessionSample Value: 1
.mytermplan.com/	1970-01-20 05:12:02	Name: _hjSession_2914580 Value: eyJpZCI6IjJjOTBjMmMzLTYzNWEtNDJiYS04YTI3LWYzNDU2NDc4ZWIwZCIsImNyZWF0ZWQiOjE2NjAzMjA4MTAyMzUsImluU2FtcGxlIjp0cnVlfQ==
mytermplan.com/	1970-01-20 05:12:00	Name: _hjIncludedInPageviewSample Value: 1
.mytermplan.com/	1970-01-20 05:12:02	Name: _hjAbsoluteSessionInProgress Value: 0
mytermplan.com/	1970-01-20 05:13:27	Name: trustedsite_visit Value: 1
mytermplan.com/	1970-01-20 05:12:01	Name: trustedsite_tm_float_seen Value: 1
mytermplan.com/	1970-01-20 05:12:01	Name: leadid_token-1C08D750-3A5B-6AE9-D82D-3EAD2E90EE45-AC452B9B-C22C-3B1E-8364-032105F2F6DC Value: F92B85D6-FBBC-4700-12EB-209C974AFB9F
.deviceid.trueleadid.com/	1970-01-20 14:48:00	Name: uuid Value: 4247a053cfa2465abcde05e990195c56
www.trustedsite.com/	1970-01-20 05:22:05	Name: AWSALBCORS Value: n2hJhSFfBbu6B5DybGiWLLnFmn10c3Oeuo61YiP1IBFGfNATYYKcC4/OGx7MvZ8D9I7Txb/TsfTsHOtN/LYg/zWGYaWsj1WGcTiZh4P8eCANLLZ02SEGZjxq5faE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
cdn.trustedform.com
cdn.ywxi.net
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
d3si1iee1g6i28.cloudfront.net
deviceid.trueleadid.com
familiar-essential.mytermplan.com
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
mytermplan.com
region1.google-analytics.com
rsms.me
s3-us-west-2.amazonaws.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
ws41.hotjar.com
www.abp4clk.com
www.facebook.com
www.googleoptimize.com
www.googletagmanager.com
www.trustedsite.com
138.199.37.226
18.66.139.28
18.66.97.10
2001:4860:4802:34::36
23.23.142.3
2600:9000:2156:6e00:12:aa6d:3c00:21
2600:9000:223d:3400:1c:7f1a:6680:93a1
2600:9000:225e:d800:14:6bfc:5740:93a1
2606:4700:10::6816:26b6
2606:4700:3036::ac43:9e2a
2a00:1450:4001:80b::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:828::200e
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f12d:83:face:b00c:0:25de
3.5.76.165
34.120.2.161
34.204.233.42
52.222.206.97
52.222.236.43
52.52.10.242
52.70.191.56
54.216.81.154
54.245.68.207
54.76.240.228
01e10eb2816424af4cd71acd6dcb3d2facfe346d8b58f7641a532ff25324a6a0
0202c1424cdd09e5db918308e7ff8ae769c8ab5eb75e8d4a25af2a84f422f0d4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a0989896f2933670321396aa9d0581db5ec8bdf3327691ca35f9c4bfa98c8fd
1d36348f5b5c5a68676f26dd81687c4d330a916f3972d4466dd0b4ef9b853eb8
205c77c16b37bdc82a9714688d86381df1e4ff889360b581eaff151e42d0e1f1
3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010
33da22f0d9d8386d0028f02a1f0052807daae08d3d6f14eb47e7262735d9b98b
389a21f9fbc323bee7576ca975e9c755231a71659205635fe49ed854b3956eb6
3bd5704d1143897349d69e73dc8e4fc2421cd50e0ca1060456d91e13489a96a3
3c98c65185f0c687986fab5e2b66b56d7f89b896d1aa7dae48ccb466ee58ef46
3e36af9ebbbc02b7bfd3c2306accb77f7c2d373748fc88425703680852d5c448
466465617d2f5a0c5080bfdebd636bafd0c1d1868403c9f6ea066a0835b6c554
4688c3489791b0259e34a820539ab27863f2c7cad9105283364c9021ee2983d4
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
632f8ad2385a054015f1b0c3e77db64f3b540fe7e76075b55d714c68bc23e41f
6d86bc060dfd7688a7d87d7a72a909e86caa73e74e19cc73e5deb2faf71ff2f4
72d6e2d471513737dc4f8cdcbab65748167793c113ec1915044e2d29ec3f19b6
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
920c1b269c5c05fa2bc01dc648f78a521dd4cc27468a9b44821d4a16f7c2cb17
97c77640d1f0a522152aa8c728d14751ae78a3cd3e960483f8e35eeafa6944aa
98c1e5f6c27d53f0d7c1515dda6e4ae5d48f913e74e081b61bdff063030e62df
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b59e5aeeda81e37fefe6ae45ca9dfb38b63f604b5e63ab98d275cbaa675c4192
b7d85501d2ff8e3fa6f1bddbf5acf75909340b0d2f02e1b7b0e48fe2da6a6118
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884
cbdaca5ed5b5d0363f4ab77e09656664baa735631ca70d5de19f98486b6ed42c
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8
ee052bff7a0f8a30f3531d5181eb420e6b02858554180fa96e95369245e565e2
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef7df21aea60561b7a3966d64cdef9dd8cc2ecc09b9ef91c576aa19231e2af48

mytermplan.com Open in urlscan Pro 52.52.10.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

46 %IPv6

19 Domains

26 Subdomains

27 IPs

4 Countries

2072 kBTransfer

3912 kBSize

16 Cookies

6 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mytermplan.com Open in urlscan Pro
52.52.10.242 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

46 %
IPv6

19
Domains

26
Subdomains

27
IPs

4
Countries

2072 kB
Transfer

3912 kB
Size

16
Cookies

55 HTTP transactions
1 data transactions