patrongo.com Open in urlscan Pro
35.214.143.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://patrongoapp.app.link/invite/200bonusbezvkladu
Effective URL:
https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_...
Submission: On October 17 via manual (October 17th 2022, 6:23:13 am UTC) from CZ — Scanned from DE

Summary HTTP 52 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 14 domains to perform 52 HTTP transactions. The main IP is 35.214.143.26, located in Groningen, Netherlands and belongs to GOOGLE, US. The main domain is patrongo.com.
TLS certificate: Issued by GTS CA 1D4 on October 8th 2022. Valid for: 3 months.

This is the only time patrongo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:205... 2600:9000:2057:ee00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
16	35.214.143.26 35.214.143.26	15169 (GOOGLE) (GOOGLE)
2 2	2a02:598:c:18... 2a02:598:c:189::43	43037 (SEZNAM-) (SEZNAM-)
4	2a02:598:a::7... 2a02:598:a::79:234	43037 (SEZNAM-) (SEZNAM-)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.78.63 13.225.78.63	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:205... 2600:9000:2057:7c00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	108.157.4.38 108.157.4.38	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	18.66.147.62 18.66.147.62	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	54.229.245.170 54.229.245.170	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:21f... 2600:9000:21f3:d000:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
52	19

1 2600:9000:2057:ee00:19:9934:6a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

patrongoapp.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 35.214.143.26 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 26.143.214.35.bc.googleusercontent.com

patrongo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:598:c:189::43 (Prague, Czech Republic) 2 redirects

ASN43037 (SEZNAM-, CZ)

c.imedia.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:598:a::79:234 (Prague, Czech Republic)

ASN43037 (SEZNAM-, CZ)

c.seznam.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-63.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:7c00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-38.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-62.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.245.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-245-170.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:21f3:d000:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	patrongo.com patrongo.com	852 KB
8	branch.io api2.branch.io — Cisco Umbrella Rank: 616	6 KB
5	app.link 1 redirects patrongoapp.app.link app.link — Cisco Umbrella Rank: 1693	3 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 789 vars.hotjar.com — Cisco Umbrella Rank: 916 in.hotjar.com — Cisco Umbrella Rank: 1656	70 KB
4	seznam.cz c.seznam.cz — Cisco Umbrella Rank: 60571	53 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2668	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	222 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	111 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6045	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	655 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	154 KB
2	imedia.cz 2 redirects c.imedia.cz — Cisco Umbrella Rank: 135545	141 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	15 KB
52	14

	Domain	Requested by
16	patrongo.com	patrongo.com
8	api2.branch.io	patrongo.com
4	app.link	patrongo.com
4	c.seznam.cz	patrongo.com
2	www.facebook.com
2	connect.facebook.net	patrongo.com connect.facebook.net
2	www.google.de	patrongo.com
2	www.google.com	patrongo.com
2	www.google-analytics.com	www.googletagmanager.com patrongo.com
2	www.googletagmanager.com	patrongo.com www.googletagmanager.com
2	c.imedia.cz	2 redirects
1	in.hotjar.com	script.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	patrongo.com
1	patrongoapp.app.link	1 redirects
52	20

This site contains links to these domains. Also see Links.

Domain
patrongo.sk
www.facebook.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
patrongo.com GTS CA 1D4	`2022-10-08` - `2023-01-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
c.seznam.cz R3	`2022-10-17` - `2023-01-15`	3 months	crt.sh
appipv4.link Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-26` - `2022-10-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_medium=share&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%2BGczLxs%2Fcy8ssySVH0jA4Ok%2FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%3D%3D
Frame ID: 978C35485434E43F091A50C2FFED3BBF
Requests: 52 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 7D49B9D4E7D63680FF49391B0BC8703A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vylečte přebytečné výdaje

Page URL History Show full URLs

https://patrongoapp.app.link/invite/200bonusbezvkladu HTTP 307
https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&u... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

52
Requests

96 %
HTTPS

70 %
IPv6

14
Domains

20
Subdomains

19
IPs

6
Countries

1286 kB
Transfer

2445 kB
Size

16
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://patrongo.sk/
Title: SK

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Patron-GO-finan%C4%8Dn%C3%AD-antivirus-102227971596304
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/patrongo_com/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/financial-antivirus/
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://patrongoapp.app.link/invite/200bonusbezvkladu HTTP 307
https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_medium=share&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%2BGczLxs%2Fcy8ssySVH0jA4Ok%2FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://c.imedia.cz/js/retargeting.js HTTP 301
https://c.seznam.cz/js/retargeting.js

Request Chain 36

https://c.imedia.cz/js/retargeting.js HTTP 301
https://c.seznam.cz/js/retargeting.js

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request invitation-link Show response
patrongo.com/
Redirect Chain

https://patrongoapp.app.link/invite/200bonusbezvkladu
https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_medium=share&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%2BGczLxs...

9 KB
4 KB

516ms
64ms

Document
text/html

35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_medium=share&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%2BGczLxs%2Fcy8ssySVH0jA4Ok%2FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend / PHP/7.4.21
Resource Hash: 301f267a32be6c698a27845d896699a415ff2dd27b7df06a0ba55d4efdeadb16

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0, must-revalidate, private
content-encoding: gzip
content-length: 3166
content-type: text/html; charset=UTF-8
date: Mon, 17 Oct 2022 06:23:07 GMT
expires: Mon, 17 Oct 2022 06:23:07 GMT
link: </build/runtime.d94b3b43.js>; rel="preload"; as="script",</build/0.437a06b0.js>; rel="preload"; as="script",</build/app.dc41a49a.js>; rel="preload"; as="script",</build/app.4d6477a9.css>; rel="preload"; as="style"
server: Google Frontend
vary: Accept-Encoding
via: 1.1 google
x-cloud-trace-context: 71f085ed68ed0f8673b829a8163e8116
x-powered-by: PHP/7.4.21

Redirect headers

date: Mon, 17 Oct 2022 06:23:07 GMT
last-modified: Mon, 17 Oct 2022 06:23:07 GMT
location: https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_medium=share&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%2BGczLxs%2Fcy8ssySVH0jA4Ok%2FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%3D%3D
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id: amHvCrziyqwvrhMsWZH3v9Ss-G0oW3ovXHNjQPXOxBK1I00f42pY0Q==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront

GET
H2 200 runtime.d94b3b43.js Show response
patrongo.com/build/ 1 KB
845 B 58ms
57ms Script
application/javascript 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://patrongo.com/build/runtime.d94b3b43.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b4fa567cbf1260f3a3eb142e37b6201533a0112b85b8986d1c78d773a8e955ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_medium=share&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%2BGczLxs%2Fcy8ssySVH0jA4Ok%2FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:07 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "5e1-5e83d0ae54540-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: ca881ff2452c818c009544275a0acca7
cache-control: private
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 732

GET
H2 200 0.437a06b0.js Show response
patrongo.com/build/ 243 KB
81 KB 68ms
67ms Script
application/javascript 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://patrongo.com/build/0.437a06b0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e6c9c0488539dfa8c7fffe8306ab9a8d639982e5975f08f06dcc77804ebb5f51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_medium=share&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%2BGczLxs%2Fcy8ssySVH0jA4Ok%2FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:07 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "3cdb9-5e83d0ae54540-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 app.dc41a49a.js Show response
patrongo.com/build/ 6 KB
3 KB 55ms
54ms Script
application/javascript 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://patrongo.com/build/app.dc41a49a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: af59d042e3fe3eb6be234fec5769d90a93f96e84553c49e04cd57dec8ae3b3be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_medium=share&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%2BGczLxs%2Fcy8ssySVH0jA4Ok%2FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:07 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "193c-5e83d0ae54540-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: b5d414b0880007cf9ffa97a692785ffd
cache-control: private
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2645

GET
H2 200 app.4d6477a9.css
patrongo.com/build/ 66 KB
12 KB 59ms
58ms Stylesheet
text/css 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://patrongo.com/build/app.4d6477a9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: c13d8260479ee1c8374b731628d1806462164c4111f0d6649bcd60ff61094e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_medium=share&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%2BGczLxs%2Fcy8ssySVH0jA4Ok%2FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:07 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "1093b-5e83d0ae54540-gzip"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: 6e50ee4b10929cc26c6e25e60fe36df5
cache-control: private
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11793

GET
H2

200

retargeting.js Show response
c.seznam.cz/js/
Redirect Chain

https://c.imedia.cz/js/retargeting.js
https://c.seznam.cz/js/retargeting.js

83 KB
26 KB

208ms
104ms

Script
application/javascript

2a02:598:a::79:234
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL

https://c.seznam.cz/js/retargeting.js

Requested by

Host: patrongo.com
URL: https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_medium=share&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%2BGczLxs%2Fcy8ssySVH0jA4Ok%2FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%3D%3D

Protocol

Server

2a02:598:a::79:234 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),

Reverse DNS

Software

envoy /

Resource Hash

7bd7b1b1eb4c575e334e3f041d9b088f8c019101d14299da27e4416811477f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
slo-domain: sklik-ap-static
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
x-envoy-upstream-service-time: 11
slo-app: sklik-ap-static
last-modified: Mon, 10 Oct 2022 08:11:17 GMT
server: envoy
etag: W/"6343d3a5-14d8d"
slo-class: critical
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,public
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-openrtb-version,x-sklik-trace
expires: Mon, 17 Oct 2022 07:23:08 GMT

Redirect headers

location: https://c.seznam.cz/js/retargeting.js
date: Mon, 17 Oct 2022 06:23:07 GMT
server: envoy

GET
H2 200 patron-go.79375a4b.svg
patrongo.com/build/images/ 3 KB
3 KB 53ms
53ms Image
image/svg+xml 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patrongo.com/build/images/patron-go.79375a4b.svg
Requested by: Host: patrongo.com
URL: https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_medium=share&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%2BGczLxs%2Fcy8ssySVH0jA4Ok%2FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 7d252640cc66cdfd63ad759fde7e5e68e95182c782e14221257c808eaa10d82d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/invitation-link?_branch_match_id=1110440140493635184&utm_source=patron_app&utm_campaign=MGM&utm_medium=share&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%2BGczLxs%2Fcy8ssySVH0jA4Ok%2FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:07 GMT
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "b61-5e83d0ae54540"
content-type: image/svg+xml
x-cloud-trace-context: 2fcc314c71bc219c111ba5cf0178f22e
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2913

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 227 KB
79 KB 145ms
60ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P8Z6V5K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09168934b163974da0077b146bf594554c23803f3f94945358e20bb01bb60cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80016
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Oct 2022 06:23:08 GMT

GET
H2 200 hotjar-2284800.js Show response
static.hotjar.com/c/ 4 KB
2 KB 178ms
78ms Script
application/javascript 13.225.78.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2284800.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-63.fra2.r.cloudfront.net

Software

Resource Hash

c7a4c8909c6b6a974cbc5d84b1ef30ead88a76822d4a8e1a9f9ef6943607d9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/3a50a5a4052c260cc1b34e1f37ed4957
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Z6LDjaywHGHFLA2P62cTuBeeMRKZ6_GDGPIelw_KreX6iZ20f-VCuA==

GET
H2 200 retargeting
c.seznam.cz/ 43 B
344 B 44ms
44ms Image
image/gif 2a02:598:a::79:234
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.seznam.cz/retargeting?id=124636&url=https%3A%2F%2Fpatrongo.com%2Finvitation-link%3F_branch_match_id%3D1110440140493635184%26utm_source%3Dpatron_app%26utm_campaign%3DMGM%26utm_medium%3Dshare%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%252BGczLxs%252Fcy8ssySVH0jA4Ok%252FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%253D%253D&consent=-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:598:a::79:234 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),

Reverse DNS

Software

envoy /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
content-encoding: deflate
strict-transport-security: max-age=63072000
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
cache-control: private, max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-openrtb-version,x-sklik-trace
content-length: 38
x-szn-hostname: rtghitserver-744947f47-jddrk
x-request-id: 050afc00-ed08-4a56-af6a-1fc84e3a0786

GET
H2 200 icon-arrow.a0035e73.svg
patrongo.com/build/images/ 1 KB
1 KB 54ms
53ms Image
image/svg+xml 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patrongo.com/build/images/icon-arrow.a0035e73.svg
Requested by: Host: patrongo.com
URL: https://patrongo.com/build/app.4d6477a9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: c57bdeecf57cdcf7ba1285d9c7de47605bd2d1efa5580b53ca979664bc41ff21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/build/app.4d6477a9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "484-5e83d0ae54540"
content-type: image/svg+xml
x-cloud-trace-context: af957d313361af54ec8b54dc4c75800f
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1156

GET
H2 200 windmill-b.90426384.png
patrongo.com/build/images/ 101 KB
101 KB 56ms
56ms Image
image/png 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patrongo.com/build/images/windmill-b.90426384.png
Requested by: Host: patrongo.com
URL: https://patrongo.com/build/app.4d6477a9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 658978040226bacbfa7084da83e790603a612248b3443946d4955b40401cb61c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/build/app.4d6477a9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "19279-5e83d0ae54540"
content-type: image/png
x-cloud-trace-context: 16de5ed1823da57d29384fe44f0f93a3
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103033
expires: Wed, 16 Nov 2022 06:23:08 GMT

GET
H2 200 icon-prize.10b69d88.svg
patrongo.com/build/images/ 813 B
920 B 50ms
50ms Image
image/svg+xml 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patrongo.com/build/images/icon-prize.10b69d88.svg
Requested by: Host: patrongo.com
URL: https://patrongo.com/build/app.4d6477a9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 582da1c54e3970e66c00212d3f83987bc4cd14a1a3bc6389c75cb9630569bbe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/build/app.4d6477a9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "32d-5e83d0ae54540"
content-type: image/svg+xml
x-cloud-trace-context: a2d35e7a905df48497e5faf8499820fc
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 813

GET
H2 200 messinasans-regular-webfont.3a4b55d3.woff2
patrongo.com/build/fonts/ 16 KB
16 KB 51ms
51ms Font
font/woff2 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://patrongo.com/build/fonts/messinasans-regular-webfont.3a4b55d3.woff2
Requested by: Host: patrongo.com
URL: https://patrongo.com/build/app.4d6477a9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: bd808da8e5194893f9ce7ee3d008e667cadaa1e6caea18666fe01d0e274796ec

Request headers

Referer: https://patrongo.com/build/app.4d6477a9.css
Origin: https://patrongo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "3f60-5e83d0ae54540"
content-type: font/woff2
x-cloud-trace-context: 7ea2ff2b55ba702434abc65a5e075e23
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16224

GET
H2 200 messinasans-semibold-webfont.7447b533.woff2
patrongo.com/build/fonts/ 15 KB
15 KB 77ms
77ms Font
font/woff2 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://patrongo.com/build/fonts/messinasans-semibold-webfont.7447b533.woff2
Requested by: Host: patrongo.com
URL: https://patrongo.com/build/app.4d6477a9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 9cdb9fe56c5d34b2f49bca1a44cf0fcbdd930ba3bbf58a9f8e1b5d25024937a3

Request headers

Referer: https://patrongo.com/build/app.4d6477a9.css
Origin: https://patrongo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "3d74-5e83d0ae54540"
content-type: font/woff2
x-cloud-trace-context: 0a462187e8a6545704c4116fb95fea9e
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15732

GET
H2 200 chapter-4.dc118ef9.png
patrongo.com/build/images/ 605 KB
607 KB 62ms
61ms Image
image/png 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patrongo.com/build/images/chapter-4.dc118ef9.png
Requested by: Host: patrongo.com
URL: https://patrongo.com/build/app.4d6477a9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 4e46f22604c80c793c7120aed8e2d1d30d399d30124fcd98db376ea0facbe9ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/build/app.4d6477a9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "975ca-5e83d0ae54540"
content-type: image/png
x-cloud-trace-context: a79899db213140c8fbd51d3ac2cda795
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 619978
expires: Wed, 16 Nov 2022 06:23:08 GMT

GET
H2 200 icon-virusfree.2bdf72aa.svg
patrongo.com/build/images/ 3 KB
3 KB 55ms
54ms Image
image/svg+xml 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patrongo.com/build/images/icon-virusfree.2bdf72aa.svg
Requested by: Host: patrongo.com
URL: https://patrongo.com/build/app.4d6477a9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 219fb70d5fb9245cef6470b63d1af5480d0bbb9b14c22d44f9691499bbb152fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/build/app.4d6477a9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "a5b-5e83d0ae54540"
content-type: image/svg+xml
x-cloud-trace-context: aaca57970c52518d549a16c61cb89dd1
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2651

GET
H2 200 icon-dark-fb.27466719.svg
patrongo.com/build/images/ 2 KB
2 KB 60ms
59ms Image
image/svg+xml 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patrongo.com/build/images/icon-dark-fb.27466719.svg
Requested by: Host: patrongo.com
URL: https://patrongo.com/build/app.4d6477a9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 15ac2eb915b76232c5bb9070335ea869e4b242477aae9cf6f3a531b03294ec52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/build/app.4d6477a9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "68b-5e83d0ae54540"
content-type: image/svg+xml
x-cloud-trace-context: 1aef5d372a14e7472d2e03d03e36ed9b
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1675

GET
H2 200 icon-dark-instagram.28db8aaa.svg
patrongo.com/build/images/ 1 KB
1 KB 57ms
56ms Image
image/svg+xml 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patrongo.com/build/images/icon-dark-instagram.28db8aaa.svg
Requested by: Host: patrongo.com
URL: https://patrongo.com/build/app.4d6477a9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: ae89c83f8cde6275f9754e3bb76e8dc071ca63d08194e77e5fc7a34efbf852b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/build/app.4d6477a9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "430-5e83d0ae54540"
content-type: image/svg+xml
x-cloud-trace-context: 2f659acfd2c2b482fe7ecaf0aa14ca1d
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1072

GET
H2 200 icon-dark-linkedin.8e8363b2.svg
patrongo.com/build/images/ 2 KB
2 KB 60ms
60ms Image
image/svg+xml 35.214.143.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patrongo.com/build/images/icon-dark-linkedin.8e8363b2.svg
Requested by: Host: patrongo.com
URL: https://patrongo.com/build/app.4d6477a9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.143.26 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 26.143.214.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: d18ee8c698b7c38a860c2f32defaef3a1f31b5991c7aa88252514d481bdfc121

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/build/app.4d6477a9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
via: 1.1 google
last-modified: Fri, 09 Sep 2022 11:42:37 GMT
server: Google Frontend
etag: "897-5e83d0ae54540"
content-type: image/svg+xml
x-cloud-trace-context: 741ceaf92bcbcf255f48da6a36d88c31
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2199

GET
H2 200 _r Show response
app.link/ 91 B
597 B 305ms
192ms Script
text/javascript 2600:9000:2057:7c00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.59.0&branch_key=key_live_nl4drrPrHxq43igneRLIwpepsCkUZ2mr&callback=branch_callback__0

Requested by

Host: patrongo.com
URL: https://patrongo.com/build/0.437a06b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7c00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

896f82bc72901bfa4df0a16e06a2b21071bcd8c2ac15c5e7e34329594ebb86b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
etag: W/"5b-MlCsqi/tXWTuISv/MAagpBDz5XA"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: uEE2mDsn4CF9hqmOz1RTUCFylRH9XfNriXwvH9Y7AM-noImPC1x0cA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 138ms
37ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8Z6V5K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 05:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4031
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 17 Oct 2022 07:15:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V2QRH7TP8K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8Z6V5K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

606aa2bda3c8f27e74725e3886c323ebb3c03625a9692da65eabfec1b13d69ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76703
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 Oct 2022 06:23:08 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 154ms
59ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8Z6V5K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 06:23:08 GMT

GET
H2 200 modules.bcd9ade6b0bb9bdd0789.js Show response
script.hotjar.com/ 254 KB
65 KB 154ms
47ms Script
application/javascript 108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bcd9ade6b0bb9bdd0789.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2284800.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-38.dus51.r.cloudfront.net

Software

Resource Hash

e65151d8b191ecdee650118921d3b09ec652545f0c3c1836b0d690a327385da0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 12:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 496502
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66262
last-modified: Tue, 11 Oct 2022 12:27:49 GMT
etag: "c874db56accb04836744269ac062cb73"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: n6psxt1nzWd9VBjKm6TXn6N9UOfGbgSg0nCUVpD9utT9QUMEXVvESA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
335 B 142ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V2QRH7TP8K&gtm=2oeaa0&_p=1071825987&cid=1106930771.1665987788&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665987788&sct=1&seg=0&dl=https%3A%2F%2Fpatrongo.com%2Finvitation-link%3F_branch_match_id%3D1110440140493635184%26utm_source%3Dpatron_app%26utm_campaign%3DMGM%26utm_medium%3Dshare%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%252BGczLxs%252Fcy8ssySVH0jA4Ok%252FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%253D%253D&dt=Vyle%C4%8Dte%20p%C5%99ebyte%C4%8Dn%C3%A9%20v%C3%BDdaje&en=page_view&_fv=1&_nsi=1&_ss=1&up.uid=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V2QRH7TP8K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:23:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://patrongo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 7D49 2 KB
1 KB 122ms
37ms Document
text/html 18.66.147.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2284800.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-62.fra60.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://patrongo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1112100
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:28:08 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-id: k1sI_VWW7zw0IupZMJKt4sSPiEc4fRIffWpwYBrju_6qKfyhlD_Sxg==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 155ms
47ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-184081948-2&cid=1106930771.1665987788&jid=1196452557&gjid=1058692556&_gid=350785115.1665987788&_u=YCDAgEABAAAAAEAAI~&z=929255326

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://patrongo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 17 Oct 2022 06:23:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://patrongo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 115ms
38ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1071825987&t=pageview&_s=1&dl=https%3A%2F%2Fpatrongo.com%2Finvitation-link%3F_branch_match_id%3D1110440140493635184%26utm_source%3Dpatron_app%26utm_campaign%3DMGM%26utm_medium%3Dshare%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%252BGczLxs%252Fcy8ssySVH0jA4Ok%252FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%253D%253D&ul=en-us&de=UTF-8&dt=Vyle%C4%8Dte%20p%C5%99ebyte%C4%8Dn%C3%A9%20v%C3%BDdaje&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=1196452557&gjid=1058692556&cid=1106930771.1665987788&tid=UA-184081948-2&_gid=350785115.1665987788&gtm=2wgaa0P8Z6V5K&z=1979937547

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Oct 2022 11:56:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66402
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/436860609/ 3 KB
2 KB 141ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/436860609/?random=1665987788398&cv=9&fst=1665987788398&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpatrongo.com%2Finvitation-link%3F_branch_match_id%3D1110440140493635184%26utm_source%3Dpatron_app%26utm_campaign%3DMGM%26utm_medium%3Dshare%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%252BGczLxs%252Fcy8ssySVH0jA4Ok%252FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%253D%253D&tiba=Vyle%C4%8Dte%20p%C5%99ebyte%C4%8Dn%C3%A9%20v%C3%BDdaje&auid=286385244.1665987788&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f70afee5521b389c4c702e3aebd36c16d582d58892bee337ba2a3fa75f05a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:23:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1216
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2284800/ 148 B
322 B 186ms
61ms XHR
application/json 54.229.245.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2284800/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bcd9ade6b0bb9bdd0789.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.245.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-245-170.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a9106f8201be70decee33d6db0ed15214e640fb5760a3ee0492dcfb6ca7b8ad0

Request headers

Referer: https://patrongo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 open Show response
api2.branch.io/v1/ 1 KB
1018 B 333ms
238ms XHR
application/json 2600:9000:21f3:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: patrongo.com
URL: https://patrongo.com/build/0.437a06b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

71928eea1d18dc9311ae39900455160b118f3895c9c767b750315bc5f057ccbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://patrongo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 039cfc51bf6b4161bbacefa5f9997316-2022101706
content-length: 624
x-amz-cf-id: Jlf2MTKUJq5Kohyxmi75yUUJsqYSsycksiRwHtcHgeaZka4ABggUmA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 139ms
54ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-184081948-2&cid=1106930771.1665987788&jid=1196452557&_u=YCDAgEABAAAAAEAAI~&z=1414975416

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:23:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 151ms
50ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-184081948-2&cid=1106930771.1665987788&jid=1196452557&_u=YCDAgEABAAAAAEAAI~&z=1414975416

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:23:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/436860609/ 42 B
548 B 137ms
52ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/436860609/?random=1665987788398&cv=9&fst=1665986400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fpatrongo.com%2Finvitation-link%3F_branch_match_id%3D1110440140493635184%26utm_source%3Dpatron_app%26utm_campaign%3DMGM%26utm_medium%3Dshare%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%252BGczLxs%252Fcy8ssySVH0jA4Ok%252FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%253D%253D&tiba=Vyle%C4%8Dte%20p%C5%99ebyte%C4%8Dn%C3%A9%20v%C3%BDdaje&async=1&fmt=3&is_vtc=1&random=2790853999&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:23:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/436860609/ 42 B
154 B 151ms
51ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/436860609/?random=1665987788398&cv=9&fst=1665986400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fpatrongo.com%2Finvitation-link%3F_branch_match_id%3D1110440140493635184%26utm_source%3Dpatron_app%26utm_campaign%3DMGM%26utm_medium%3Dshare%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%252BGczLxs%252Fcy8ssySVH0jA4Ok%252FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%253D%253D&tiba=Vyle%C4%8Dte%20p%C5%99ebyte%C4%8Dn%C3%A9%20v%C3%BDdaje&async=1&fmt=3&is_vtc=1&random=2790853999&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 06:23:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 127ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Oct 2022 06:23:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 27029
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: YV6tfKW1uKYy8wH2wEi6gjbu7Ct4WzG8eFa95cR86McuSzzIAqiwcrYZ27l+VOQnCmVAFMvEfTNSFKZqQCvnpQ==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

retargeting.js Show response
c.seznam.cz/js/
Redirect Chain

https://c.imedia.cz/js/retargeting.js
https://c.seznam.cz/js/retargeting.js

83 KB
26 KB

49ms
49ms

Script
application/javascript

2a02:598:a::79:234
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL

https://c.seznam.cz/js/retargeting.js

Protocol

Server

2a02:598:a::79:234 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),

Reverse DNS

Software

envoy /

Resource Hash

7bd7b1b1eb4c575e334e3f041d9b088f8c019101d14299da27e4416811477f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
slo-domain: sklik-ap-static
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
x-envoy-upstream-service-time: 8
slo-app: sklik-ap-static
last-modified: Mon, 10 Oct 2022 08:11:17 GMT
server: envoy
etag: W/"6343d3a5-14d8d"
slo-class: critical
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,public
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-openrtb-version,x-sklik-trace
expires: Mon, 17 Oct 2022 07:23:08 GMT

Redirect headers

location: https://c.seznam.cz/js/retargeting.js
date: Mon, 17 Oct 2022 06:23:08 GMT
server: envoy

GET
H2 200 retargeting
c.seznam.cz/ 43 B
280 B 44ms
43ms Image
image/gif 2a02:598:a::79:234
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.seznam.cz/retargeting?id=130109&url=https%3A%2F%2Fpatrongo.com%2Finvitation-link%3F_branch_match_id%3D1110440140493635184%26utm_source%3Dpatron_app%26utm_campaign%3DMGM%26utm_medium%3Dshare%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%252BGczLxs%252Fcy8ssySVH0jA4Ok%252FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%253D%253D&consent=-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:598:a::79:234 Prague, Czech Republic, ASN43037 (SEZNAM-, CZ),

Reverse DNS

Software

envoy /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:08 GMT
content-encoding: deflate
strict-transport-security: max-age=63072000
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
p3p: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
cache-control: private, max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-openrtb-version,x-sklik-trace
content-length: 38
x-szn-hostname: rtghitserver-6f56d68cf4-6mlnc
x-request-id: 9a2d0115-71c4-413e-b507-48379954b7c5

GET
H2 200 _r Show response
app.link/ 91 B
598 B 342ms
341ms Script
text/javascript 2600:9000:2057:7c00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.59.0&_t=1110440140493635184&branch_key=key_live_nl4drrPrHxq43igneRLIwpepsCkUZ2mr&callback=branch_callback__1

Requested by

Host: patrongo.com
URL: https://patrongo.com/build/0.437a06b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7c00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

f6140f52ea0b54fd7d9095b32d53ee14cbd1143479dcdf267c6bc9162d8dcaf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
etag: W/"5b-MrYBc15ZxYVWOSs/kVyz5CZA+yE"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: Pp43RADN_5btjBszLxCDyyV3OFQnfPSFpDRtskHBfrLHOnx0avROLw==

GET
H3 200 1448499148835094 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 214ms
173ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1448499148835094?v=2.9.85&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc0a03e14a626b9c2aced93702882de09fb11ce81da078fb2cdc73680fbf88c4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Oct 2022 06:23:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tg0TpQoOJfqf0Ng0DBRBgp1FfjjB3jzUGRhFmwCqnzZBKQqpTVU6w3wKPUeoBjmu3YaWqaN820LFBG1XWefUoA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 1 KB
1021 B 222ms
221ms XHR
application/json 2600:9000:21f3:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: patrongo.com
URL: https://patrongo.com/build/0.437a06b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9b0a69391cfd43de9dee15f4dc9f34181f3ceadf5ef89f6f1726372c76928f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://patrongo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Oct 2022 06:23:09 GMT
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 34fce45ecefa4d48bf2750bd276679f8-2022101706
content-length: 626
x-amz-cf-id: rZaV3eoyjIajOjF4XUkZ9rVfCSzF6H0yf62nNKKJMTi6i7y02iREag==

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 127ms
38ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1448499148835094&ev=PageView&dl=https%3A%2F%2Fpatrongo.com%2Finvitation-link%3F_branch_match_id%3D1110440140493635184%26utm_source%3Dpatron_app%26utm_campaign%3DMGM%26utm_medium%3Dshare%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%252BGczLxs%252Fcy8ssySVH0jA4Ok%252FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%253D%253D&rl=&if=false&ts=1665987789231&sw=1600&sh=1200&v=2.9.85&r=stable&ec=0&o=30&fbp=fb.1.1665987789230.2077386209&it=1665987788895&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Oct 2022 06:23:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 _r Show response
app.link/ 91 B
596 B 192ms
192ms Script
text/javascript 2600:9000:2057:7c00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.59.0&_t=1110440140493635184&branch_key=key_live_nl4drrPrHxq43igneRLIwpepsCkUZ2mr&callback=branch_callback__2

Requested by

Host: patrongo.com
URL: https://patrongo.com/build/0.437a06b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7c00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

5a64cdf2bb7d6399c7dcd35fd40cb08e2c7af7ac22318c5bc295066c60451e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
etag: W/"5b-/O8jFLFfUxYZ37idOCwFtrVwoyw"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: oERYESbIE19RjnA6RZGLl-w9tMDTLWZ5zjy2ov5uidclKKIBtdf2aw==

POST
H2 200 open Show response
api2.branch.io/v1/ 1 KB
1021 B 216ms
216ms XHR
application/json 2600:9000:21f3:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: patrongo.com
URL: https://patrongo.com/build/0.437a06b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

77549d0b2c228af6292735560409b4684ac71eefe6c4e9980310271a42138623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://patrongo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Oct 2022 06:23:09 GMT
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 759e63d86a464211b8b0fd0a6f7067b0-2022101706
content-length: 627
x-amz-cf-id: 1lCTBYgcGfexa_Q9r-IRgo-uZbUhC0MgjGqmU1RKRtUdQ_noj9HZJQ==

GET
H2 200 _r Show response
app.link/ 91 B
596 B 342ms
342ms Script
text/javascript 2600:9000:2057:7c00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.59.0&_t=1110440140493635184&branch_key=key_live_nl4drrPrHxq43igneRLIwpepsCkUZ2mr&callback=branch_callback__3

Requested by

Host: patrongo.com
URL: https://patrongo.com/build/0.437a06b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:7c00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

60d59a74a15e883b32643a9e6a1049d041d21d044b87d2dbc24389d5039f54cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:23:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
etag: W/"5b-AjsxjIHPs6zFAlWOmkVr9ZVQHFs"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: _QgzScpVASy-0HMSMRrTk-_Me3lrFZeEXgoKelegc3qEKWgTJtfKWg==

POST
H2 200 open Show response
api2.branch.io/v1/ 1 KB
1 KB 203ms
203ms XHR
application/json 2600:9000:21f3:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: patrongo.com
URL: https://patrongo.com/build/0.437a06b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1272f6164316b7f6fac271cdb5bb73c5895b32dc4bc2d4a9727af334d6008866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://patrongo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Oct 2022 06:23:10 GMT
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 9367646b84fd495ba46d172f6eadba32-2022101706
content-length: 630
x-amz-cf-id: KU3Js_eGIAaqKfejCmy7K9ZzgIgsuQHxEpQU630PZLD2MN0e43ACFw==

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 78ms
37ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1448499148835094&ev=Microdata&dl=https%3A%2F%2Fpatrongo.com%2Finvitation-link%3F_branch_match_id%3D1110440140493635184%26utm_source%3Dpatron_app%26utm_campaign%3DMGM%26utm_medium%3Dshare%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%252BGczLxs%252Fcy8ssySVH0jA4Ok%252FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%253D%253D&rl=&if=false&ts=1665987790734&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Vyle%C4%8Dte%20p%C5%99ebyte%C4%8Dn%C3%A9%20v%C3%BDdaje%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.85&r=stable&ec=1&o=30&fbp=fb.1.1665987789230.2077386209&it=1665987788895&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patrongo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Oct 2022 06:23:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
431 B 201ms
201ms XHR
application/json 2600:9000:21f3:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: patrongo.com
URL: https://patrongo.com/build/0.437a06b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://patrongo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Oct 2022 06:23:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: a34b753d3c004a0584a795eb1140966c-2022101706
content-length: 29
x-amz-cf-id: znBL57HGy6VTzrqdv5rIclvpkw0f6N-asdmoLDBo0VnoGDmH1cCoBA==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
434 B 203ms
202ms XHR
application/json 2600:9000:21f3:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: patrongo.com
URL: https://patrongo.com/build/0.437a06b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://patrongo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Oct 2022 06:23:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 430a44bff2854410a28d07d7704c1866-2022101706
content-length: 29
x-amz-cf-id: DZvpMDp0DPFNbLymd7yMNzeGpzXCuqywHVyaZVEVdSHOY5MIVKyfhA==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
433 B 356ms
356ms XHR
application/json 2600:9000:21f3:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: patrongo.com
URL: https://patrongo.com/build/0.437a06b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://patrongo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Oct 2022 06:23:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 25dee3b0a63f480f801e8caddb8530f8-2022101706
content-length: 29
x-amz-cf-id: fx9cDVQsmkA7Nq56yGwJvFrE6vKw3KvBF5-fx-fbSGhVg5AYxM9kbg==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
432 B 384ms
384ms XHR
application/json 2600:9000:21f3:d000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: patrongo.com
URL: https://patrongo.com/build/0.437a06b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:d000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://patrongo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 17 Oct 2022 06:23:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 215c1717eda94ccc8c9794576beee9b0-2022101706
content-length: 29
x-amz-cf-id: D_CmFuHIw3tEzB-sSFvA2iz6ZRadeGSY1HIIMLHjwCtAJlTg6Du-nw==

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ef43bb44162c85a732d2d4b77118849112e33d6917cc59aa8fe5f9807e4b4f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.app.link/	1970-01-20 15:32:03	Name: _s Value: 3%2BlJ1j1mfS75e7qX0fBE54wLLID7yx%2BJCRRlCHrI%2FnKZGKA8DmEeEQCo4DuK%2Fdyg
.patrongo.com/	1970-01-20 08:56:03	Name: _gcl_au Value: 1.1.286385244.1665987788
.patrongo.com/	1969-12-31 23:59:59	Name: __gtm_campaign_url Value: https%3A%2F%2Fpatrongo.com%2Finvitation-link%3F_branch_match_id%3D1110440140493635184%26utm_source%3Dpatron_app%26utm_campaign%3DMGM%26utm_medium%3Dshare%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXL0gsKcrPS89PLCjQA%252BGczLxs%252Fcy8ssySVH0jA4Ok%252FLzS4qTUqrLsnMSUUgBRnCTtNQAAAA%253D%253D
.patrongo.com/	1970-01-20 16:22:27	Name: _ga_V2QRH7TP8K Value: GS1.1.1665987788.1.0.1665987788.0.0.0
.patrongo.com/	1970-01-20 16:22:27	Name: _ga Value: GA1.2.1106930771.1665987788
.patrongo.com/	1970-01-20 06:47:54	Name: _gid Value: GA1.2.350785115.1665987788
.patrongo.com/	1970-01-20 06:46:27	Name: _dc_gtm_UA-184081948-2 Value: 1
.patrongo.com/	1970-01-20 15:32:03	Name: _hjSessionUser_2284800 Value: eyJpZCI6ImIzNzA3MTI0LWE5OTMtNWQwNi04YjAxLTdhYjBkZGVhMTgwMiIsImNyZWF0ZWQiOjE2NjU5ODc3ODg1MDcsImV4aXN0aW5nIjpmYWxzZX0=
.patrongo.com/	1970-01-20 06:46:29	Name: _hjFirstSeen Value: 1
patrongo.com/	1970-01-20 06:46:27	Name: _hjIncludedInSessionSample Value: 0
.patrongo.com/	1970-01-20 06:46:29	Name: _hjSession_2284800 Value: eyJpZCI6ImE4MGE3ZGEwLTQ2MTctNDgwYy05NDQ0LTVmYzE3MzgzNzU3YiIsImNyZWF0ZWQiOjE2NjU5ODc3ODg1MjMsImluU2FtcGxlIjpmYWxzZX0=
patrongo.com/	1970-01-20 06:46:27	Name: _hjIncludedInPageviewSample Value: 1
.patrongo.com/	1970-01-20 06:46:29	Name: _hjAbsoluteSessionInProgress Value: 0
.doubleclick.net/	1970-01-20 06:46:28	Name: test_cookie Value: CheckForPermission
.seznam.cz/	1970-01-20 07:29:39	Name: sid Value: id=10872693340506174480\|t=1665987788.142\|te=1665987788.829\|c=6AA64515DADCD7B4B04076CCABD10FC7
.patrongo.com/	1970-01-20 08:56:03	Name: _fbp Value: fb.1.1665987789230.2077386209

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
c.imedia.cz
c.seznam.cz
connect.facebook.net
googleads.g.doubleclick.net
in.hotjar.com
patrongo.com
patrongoapp.app.link
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
108.157.4.38
13.225.78.63
142.250.186.98
18.66.147.62
2001:4860:4802:32::36
2600:9000:2057:7c00:19:9934:6a80:93a1
2600:9000:2057:ee00:19:9934:6a80:93a1
2600:9000:21f3:d000:11:f728:3040:93a1
2a00:1450:4001:800::2008
2a00:1450:4001:803::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9d
2a02:598:a::79:234
2a02:598:c:189::43
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.214.143.26
54.229.245.170
09168934b163974da0077b146bf594554c23803f3f94945358e20bb01bb60cdd
1272f6164316b7f6fac271cdb5bb73c5895b32dc4bc2d4a9727af334d6008866
15ac2eb915b76232c5bb9070335ea869e4b242477aae9cf6f3a531b03294ec52
219fb70d5fb9245cef6470b63d1af5480d0bbb9b14c22d44f9691499bbb152fc
2ef43bb44162c85a732d2d4b77118849112e33d6917cc59aa8fe5f9807e4b4f4
301f267a32be6c698a27845d896699a415ff2dd27b7df06a0ba55d4efdeadb16
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
4e46f22604c80c793c7120aed8e2d1d30d399d30124fcd98db376ea0facbe9ee
582da1c54e3970e66c00212d3f83987bc4cd14a1a3bc6389c75cb9630569bbe7
5a64cdf2bb7d6399c7dcd35fd40cb08e2c7af7ac22318c5bc295066c60451e57
606aa2bda3c8f27e74725e3886c323ebb3c03625a9692da65eabfec1b13d69ab
60d59a74a15e883b32643a9e6a1049d041d21d044b87d2dbc24389d5039f54cf
658978040226bacbfa7084da83e790603a612248b3443946d4955b40401cb61c
71928eea1d18dc9311ae39900455160b118f3895c9c767b750315bc5f057ccbb
77549d0b2c228af6292735560409b4684ac71eefe6c4e9980310271a42138623
7bd7b1b1eb4c575e334e3f041d9b088f8c019101d14299da27e4416811477f92
7d252640cc66cdfd63ad759fde7e5e68e95182c782e14221257c808eaa10d82d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
896f82bc72901bfa4df0a16e06a2b21071bcd8c2ac15c5e7e34329594ebb86b5
8f70afee5521b389c4c702e3aebd36c16d582d58892bee337ba2a3fa75f05a0f
9b0a69391cfd43de9dee15f4dc9f34181f3ceadf5ef89f6f1726372c76928f24
9cdb9fe56c5d34b2f49bca1a44cf0fcbdd930ba3bbf58a9f8e1b5d25024937a3
a9106f8201be70decee33d6db0ed15214e640fb5760a3ee0492dcfb6ca7b8ad0
ae89c83f8cde6275f9754e3bb76e8dc071ca63d08194e77e5fc7a34efbf852b9
af59d042e3fe3eb6be234fec5769d90a93f96e84553c49e04cd57dec8ae3b3be
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4fa567cbf1260f3a3eb142e37b6201533a0112b85b8986d1c78d773a8e955ad
bd808da8e5194893f9ce7ee3d008e667cadaa1e6caea18666fe01d0e274796ec
c13d8260479ee1c8374b731628d1806462164c4111f0d6649bcd60ff61094e66
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c57bdeecf57cdcf7ba1285d9c7de47605bd2d1efa5580b53ca979664bc41ff21
c7a4c8909c6b6a974cbc5d84b1ef30ead88a76822d4a8e1a9f9ef6943607d9d3
cc0a03e14a626b9c2aced93702882de09fb11ce81da078fb2cdc73680fbf88c4
d18ee8c698b7c38a860c2f32defaef3a1f31b5991c7aa88252514d481bdfc121
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65151d8b191ecdee650118921d3b09ec652545f0c3c1836b0d690a327385da0
e6c9c0488539dfa8c7fffe8306ab9a8d639982e5975f08f06dcc77804ebb5f51
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f6140f52ea0b54fd7d9095b32d53ee14cbd1143479dcdf267c6bc9162d8dcaf5

patrongo.com Open in urlscan Pro 35.214.143.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

70 %IPv6

14 Domains

20 Subdomains

19 IPs

6 Countries

1286 kBTransfer

2445 kBSize

16 Cookies

4 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

patrongo.com Open in urlscan Pro
35.214.143.26 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

70 %
IPv6

14
Domains

20
Subdomains

19
IPs

6
Countries

1286 kB
Transfer

2445 kB
Size

16
Cookies

52 HTTP transactions
1 data transactions