urlscan.io logo urlscan.io
SecurityTrails logo

kaleidoscope-publishing.thrivecart.com Open in urlscan Pro
54.144.216.145  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g
Effective URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Submission: On August 26 via api from BE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 9 domains to perform 52 HTTP transactions. The main IP is 54.144.216.145, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is kaleidoscope-publishing.thrivecart.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on March 18th 2024. Valid for: a year.
This is the only time kaleidoscope-publishing.thrivecart.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1.179.112.197 396982 (GOOGLE-CL...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
7 54.144.216.145 14618 (AMAZON-AES)
13 18.238.243.10 16509 (AMAZON-02)
5 2400:52e0:1e0... 60068 (CDN77 _)
2 18.155.129.114 16509 (AMAZON-02)
1 18.172.112.18 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 18.172.112.83 16509 (AMAZON-02)
6 151.101.193.21 54113 (FASTLY)
4 192.229.221.25 15133 (EDGECAST)
2 151.101.131.1 54113 (FASTLY)
1 142.250.186.163 15169 (GOOGLE)
52 15
1    1.179.112.197 (France)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
r.emails.oxfordlanguageclub.com
1    2606:4700:4400::6812:278d (United States)

ASN13335 (CLOUDFLARENET, US)
sibautomation.com
7    54.144.216.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-216-145.compute-1.amazonaws.com
kaleidoscope-publishing.thrivecart.com
13    18.238.243.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-10.ams58.r.cloudfront.net
tinder.thrivecart.com
5    2400:52e0:1e00::1079:1 (Germany)

ASN60068 (CDN77 _, GB)
fonts.bunny.net
2    18.155.129.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-114.cdg52.r.cloudfront.net
spark.thrivecart.com
1    18.172.112.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-18.fra60.r.cloudfront.net
js.stripe.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    18.172.112.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-83.fra60.r.cloudfront.net
js.stripe.com
6    151.101.193.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
4    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    151.101.131.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.paypal.com
1    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
www.recaptcha.net
Apex Domain
Subdomains		 Transfer
22 thrivecart.com
kaleidoscope-publishing.thrivecart.com
tinder.thrivecart.com — Cisco Umbrella Rank: 443389
spark.thrivecart.com — Cisco Umbrella Rank: 539158
886 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3677
t.paypal.com — Cisco Umbrella Rank: 4582
157 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
157 KB
5 bunny.net
fonts.bunny.net — Cisco Umbrella Rank: 15346
46 KB
4 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 3281
18 KB
3 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1812
2 KB
1 gstatic.com
www.gstatic.com
215 KB
1 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 34099
1 oxfordlanguageclub.com
r.emails.oxfordlanguageclub.com
1 KB
52 9
Domain Requested by
13 tinder.thrivecart.com kaleidoscope-publishing.thrivecart.com
tinder.thrivecart.com
7 js.stripe.com kaleidoscope-publishing.thrivecart.com
js.stripe.com
7 kaleidoscope-publishing.thrivecart.com r.emails.oxfordlanguageclub.com
tinder.thrivecart.com
6 www.paypal.com tinder.thrivecart.com
www.paypal.com
5 fonts.bunny.net kaleidoscope-publishing.thrivecart.com
fonts.bunny.net
4 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
3 www.recaptcha.net kaleidoscope-publishing.thrivecart.com
www.gstatic.com
2 t.paypal.com
2 spark.thrivecart.com kaleidoscope-publishing.thrivecart.com
1 www.gstatic.com www.recaptcha.net
1 sibautomation.com r.emails.oxfordlanguageclub.com
1 r.emails.oxfordlanguageclub.com
52 12

This site contains links to these domains. Also see Links.

Domain
policies.google.com
Subject Issuer Validity Valid
r.emails.oxfordlanguageclub.com
R10		 2024-08-14 -
2024-11-12		 3 months crt.sh
sibautomation.com
WE1		 2024-08-05 -
2024-11-03		 3 months crt.sh
thrivecart.com
Amazon RSA 2048 M03		 2024-03-18 -
2025-04-15		 a year crt.sh
fonts.bunny.net
R11		 2024-08-19 -
2024-11-17		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-07-23 -
2024-10-24		 3 months crt.sh
misc.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2025-06-20		 a year crt.sh

This page contains 14 frames:

Primary Page: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Frame ID: E1CF8227DBB3FD76F8B48E567460104E
Requests: 38 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2146386
Frame ID: 5011A7DA63D620050B4C507FC692C6FB
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 38F1BC0046494ED3BABFF0BCE04B1BF2
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-ebd2e268331325976741bb7801a2a36a.html
Frame ID: 54E9A6C860F329C37AFDC5E9C700B5E9
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-5fbe40b77cbb098cdd05fab962b22cd5.html
Frame ID: 5F67BD6F77FD63AF2A19AA8F54913FC1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-6724aa5fd685952422483c45a74d6d18.html
Frame ID: C35B1EBF9FDDC405FF371B9E48491D29
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-loader-ui-2e3324f13a2ead38f8ee94519ce9982f.html
Frame ID: 5E176ABF43365AB8F81A92456C455511
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdIM_caAAAAAFxTZPaupAHuI3pLR9Po-Y3m1RIz&co=aHR0cHM6Ly9rYWxlaWRvc2NvcGUtcHVibGlzaGluZy50aHJpdmVjYXJ0LmNvbTo0NDM.&hl=fr&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=clqokpuf9fs6
Frame ID: 7D63BBC3FFE370D9A7B1F3F5F188CBE6
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_osynfismgbzaaocwoagcwnxdbyuhxe&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFHVkhJTFNIRW9ySmhfdXZnejBzVHg5MVllazBaek9Lb2xzU2ZlQW9fTHlBelZoSVpxNXdVaHBDSUNuemRaQk15d2pjSWdOOV9iMGhEM0smbWVyY2hhbnQtaWQ9WEJHNFNZQ0NDOExONCZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY29tcG9uZW50cz1tZXNzYWdlcyUyQ2J1dHRvbnMlMkNob3N0ZWQtZmllbGRzJmludGVudD1zdWJzY3JpcHRpb24mdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6IlRocml2ZUNhcnRMTENfU1BfUFBDUENQRlMiLCJkYXRhLXVpZCI6InVpZF9vc3luZmlzbWdiemFhb2N3b2FnY3dueGRieXVoeGUifX0&env=production&scriptUID=uid_osynfismgbzaaocwoagcwnxdbyuhxe&version=1.64.9&integrationType=SDK
Frame ID: 4AFBB9E79F029675FBB5F88E8DA50354
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.layout=vertical&style.shape=rect&style.tagline=false&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_25a59e1936_mji6mdy6mji&clientAccessToken=A21AAODvQ9PlxBnOBgGSXLDAO12cZEvOLt3wt7LR21DyLf6kzYBMfWdMPPTLLIEzTasuvGlkAB_YKBUPuGbvtdqQZYezDSrcg&customerId=&clientID=AQGVHILSHEorJh_uvgz0sTx91Yek0ZzOKolsSfeAo_LyAzVhIZq5wUhpCICnzdZBMywjcIgN9_b0hD3K&clientMetadataID=uid_a2c51f3e2c_mji6mdy6mji&commit=true&components.0=buttons&components.1=hosted-fields&components.2=messages&currency=USD&debug=false&disableSetCookie=true&enableFunding.0=venmo&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&flow=subscription_setup&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&intent=subscription&locale.country=US&locale.lang=en&merchantID.0=XBG4SYCCC8LN4&hasShippingCallback=false&pageType=checkout&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=card&sessionID=uid_a2c51f3e2c_mji6mdy6mji&sdkCorrelationID=f29715930c5c5&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFHVkhJTFNIRW9ySmhfdXZnejBzVHg5MVllazBaek9Lb2xzU2ZlQW9fTHlBelZoSVpxNXdVaHBDSUNuemRaQk15d2pjSWdOOV9iMGhEM0smbWVyY2hhbnQtaWQ9WEJHNFNZQ0NDOExONCZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY29tcG9uZW50cz1tZXNzYWdlcyUyQ2J1dHRvbnMlMkNob3N0ZWQtZmllbGRzJmludGVudD1zdWJzY3JpcHRpb24mdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6IlRocml2ZUNhcnRMTENfU1BfUFBDUENQRlMiLCJkYXRhLXVpZCI6InVpZF9vc3luZmlzbWdiemFhb2N3b2FnY3dueGRieXVoeGUifX0&sdkVersion=5.0.456&storageID=uid_9d02875463_mji6mdy6mji&supportedNativeBrowser=false&supportsPopups=true&vault=true
Frame ID: D42B5607D72EDDD80A31E6C0F1321888
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 4014657633396633249DD15BCFA5A6A4
Requests: 2 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=fr&v=i7X0JrnYWy9Y_5EYdoFM79kV&k=6LdIM_caAAAAAFxTZPaupAHuI3pLR9Po-Y3m1RIz
Frame ID: D70B157C35D3E2DBAA80ED47FDFBD13F
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 607028E5A84C49B298639EAA4A9F5A84
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-faa72c6911ed7b29f103ab1a33feeac1.html
Frame ID: 8EF7875561415C66D023E281A3C55F00
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

cervantes-idiomas.com » Powered by ThriveCart

Page URL History Show full URLs

  1. http://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g HTTP 307
    https://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g Page URL
  2. https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

52
Requests

100 %
HTTPS

29 %
IPv6

9
Domains

12
Subdomains

15
IPs

3
Countries

1483 kB
Transfer

5011 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g HTTP 307
    https://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g Page URL
  2. https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g HTTP 307
  • https://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
X2c13dtAAE6g
r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/
Redirect Chain
  • http://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g
  • https://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g
884 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.179.112.197 , France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
cb0ab61f6138cc779eef4628d07d7291eef8d058c7ee142f7d0f87e89d1ae945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-length
884
content-type
text/html; charset=utf-8
date
Mon, 26 Aug 2024 22:06:20 GMT
x-content-type-options
nosniff
x-sib-server
gke-public-cluster-v2-1-179-112-137
x-xss-protection
1

Redirect headers

Location
https://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g
Non-Authoritative-Reason
HttpsUpgrades
cm.html
sibautomation.com/ Frame 5011 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cm.html?id=2146386
Requested by
Host: r.emails.oxfordlanguageclub.com
URL: https://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:278d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash

Request headers

Referer
https://r.emails.oxfordlanguageclub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
2937
cache-control
public, max-age=7200
cf-cache-status
HIT
cf-ray
8b9720e03ce393fe-LHR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 26 Aug 2024 22:06:20 GMT
expires
Tue, 27 Aug 2024 00:06:20 GMT
server
cloudflare
vary
Accept-Encoding
x-powered-by
Sails <sailsjs.com>
Primary Request /
kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/ 		133 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Requested by
Host: r.emails.oxfordlanguageclub.com
URL: https://r.emails.oxfordlanguageclub.com/mk/cl/f/sh/7nVU1aA2nfuMS4Gumm8ZZzJoQ9UxJMg/X2c13dtAAE6g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.216.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-216-145.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ea43035ddb9d5d4082877fcbc9d56ce3efd406c77926ba79db44d37910ba686

Request headers

Referer
https://r.emails.oxfordlanguageclub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 26 Aug 2024 22:06:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
checkout.minimal.css
tinder.thrivecart.com/v20240821195944/embed/v1/ 		235 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tinder.thrivecart.com/v20240821195944/embed/v1/checkout.minimal.css
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
676fcead0d6741d54682aeb985375e26284a0f7a8496493a1fea19d7aa072df5

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Origin
https://kaleidoscope-publishing.thrivecart.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:01:05 GMT
content-encoding
gzip
via
1.1 f580bae666598e3f09a5ffd24b286bae.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 15:46:53 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
147916
etag
W/"66c4ba6d-3aace"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-id
27kZuLZhymjVv_y7OEjzGsvMhmyZThuiTGyAwKczBaaCqL5zqX2yKA==
expires
Tue, 24 Sep 2024 05:01:05 GMT
widgets.css
tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/assets/ 		1 MB
101 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/assets/widgets.css
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
c3ee04269584e97fd45e150b583e111246097e743f544e7db8a9ede70bdec9df

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Origin
https://kaleidoscope-publishing.thrivecart.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 08:00:50 GMT
content-encoding
gzip
via
1.1 f580bae666598e3f09a5ffd24b286bae.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 15:46:53 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
396331
etag
W/"66c4ba6d-14dfa3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-id
gek_kDBfpBsGYIuJnlFpU5T1rZGiLplnmEhRz0tLiVVWq4h5ndHd4A==
expires
Sat, 21 Sep 2024 08:00:50 GMT
style.css
tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/templates/standard/assets/ 		200 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/templates/standard/assets/style.css
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
9dcea744a61c25835eaa656d140c712a9f6429359a46e92084791887de17fd02

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Origin
https://kaleidoscope-publishing.thrivecart.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 05:01:05 GMT
content-encoding
gzip
via
1.1 f580bae666598e3f09a5ffd24b286bae.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 15:46:53 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
147916
etag
W/"66c4ba6d-32047"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-id
jLq6bvc4fdcw8cU-GjPVRHITjStBGI6ZKiT-tZxSnnCMn7SnXnD-Nw==
expires
Tue, 24 Sep 2024 05:01:05 GMT
css
fonts.bunny.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.bunny.net/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
1adbfd18a8f0c9a57e3612bd4a310fe29e320a7a8c5fb05b6eaad5d564f66858

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Origin
https://kaleidoscope-publishing.thrivecart.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 22:06:21 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-cachedat
08/19/2024 15:44:34
cdn-pullzone
781720
last-modified
Mon, 19 Aug 2024 15:44:34 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
5bbf1f0b32e8745dcea0cc1dc64b6169
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.bunny.net/ 		983 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.bunny.net/css2?display=swap&family=DM+Sans&subset=latin-ext
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
84df2e076a7367cd9dfc5b3b8d3175ce1680978e75b9b906d152513e800c77ff

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Origin
https://kaleidoscope-publishing.thrivecart.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 22:06:21 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
08/03/2024 15:41:08
cdn-pullzone
781720
last-modified
Sat, 03 Aug 2024 15:41:08 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
af7dd1031e51df97c14eb21d5c8f4391
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
user_assets%2F1R0T8FBK%2Fuploads%2Fimages%2Fcervantes-idiomas--1715248960.png
spark.thrivecart.com/0x0/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spark.thrivecart.com/0x0/user_assets%2F1R0T8FBK%2Fuploads%2Fimages%2Fcervantes-idiomas--1715248960.png
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-114.cdg52.r.cloudfront.net
Software
/
Resource Hash
cb1914163e0c6e2fe0897354bf4cee2e0656160a31ff6673d97466caffc38969

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 15:41:25 GMT
via
1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront), 1.1 fab151d68d1a2f6afb087e422136c6fe.cloudfront.net (CloudFront)
x-amz-cf-id
OWAXPRDTUDzJ9IfZnq36Dwa48QdhFQQXJr4hU4_2QJ7mFK0SI2czjQ==
x-amz-cf-pop
FRA60-P6, CDG52-P4
age
627896
x-amzn-requestid
e39bbf49-64ec-47a1-8df1-607e18a4068d
etag
"254798e90ae6af384da2bd997acee872d726af90"
x-amzn-trace-id
Root=1-66c367a5-67e5a3fa0091cc5d66607652;Parent=13d6c1f8c7e78d84;Sampled=0;lineage=8fb9be9f:0
content-type
image/png
x-cache
Hit from cloudfront
cache-control
max-age=31536000,public
x-amz-apigw-id
cw0h9HGWoAMEZDg=
content-length
3255
x-amzn-remapped-date
Mon, 19 Aug 2024 15:41:25 GMT
expires
Tue, 19 Aug 2025 15:41:25 GMT
user_assets%2F1R0T8FBK%2Fuploads%2Fimages%2Fpicture2-1715249011.jpeg
spark.thrivecart.com/0x0/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spark.thrivecart.com/0x0/user_assets%2F1R0T8FBK%2Fuploads%2Fimages%2Fpicture2-1715249011.jpeg
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-114.cdg52.r.cloudfront.net
Software
/
Resource Hash
5b981d8afb8ac46993778d1d3800121c64a7748195d31c472de9e7ec9e3e4382

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 03:50:46 GMT
via
1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront), 1.1 fab151d68d1a2f6afb087e422136c6fe.cloudfront.net (CloudFront)
x-amz-cf-id
gUGjkYcuMmkk4O_bImyEhIFm5qQW9cX9-gUQ2EAP6KmoEzrLwAOleg==
x-amz-cf-pop
FRA60-P6, CDG52-P4
age
65735
x-amzn-requestid
bb278d08-e9e9-47dd-92fd-867ad1bbfc38
etag
"93517d017c55d8d38b084dd4aa4fa0f109271113"
x-amzn-trace-id
Root=1-66cbfb95-0274a1164452db377c0a23e6;Parent=6f0ae439429418a9;Sampled=0;lineage=8fb9be9f:0
content-type
image/png
x-cache
Hit from cloudfront
cache-control
max-age=31536000,public
x-amz-apigw-id
dGQ_dEjMIAMEEPg=
content-length
39402
x-amzn-remapped-date
Mon, 26 Aug 2024 03:50:45 GMT
expires
Tue, 26 Aug 2025 03:50:46 GMT
guarantee_1.png
tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/widgets/seal/frontend/assets/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/widgets/seal/frontend/assets/guarantee_1.png
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
74c908b8e0d99745e382ff041d3129e2020a06e3030c7a4500d24756a46c1085

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:01:47 GMT
via
1.1 6592b72953c66e8c26c29c332cf2edf0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 15:46:53 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
439473
etag
"66c4ba6d-296a"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
10602
x-amz-cf-id
krxDnqsY7U3thTbPnZIKkeflPK_enKIF3TOkvktGEJqvKGVek9PRuA==
expires
Fri, 20 Sep 2024 20:01:47 GMT
cards_limited.png
tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/widgets/core_fields_buy_button/frontend/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/widgets/core_fields_buy_button/frontend/cards_limited.png
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
1beb1ffc4631dc233334ae5761d9504dc38ede5e85ade396dcc35613ed146507

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:00:22 GMT
via
1.1 6592b72953c66e8c26c29c332cf2edf0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 15:46:53 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
439558
etag
"66c4ba6d-1f0e"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
7950
x-amz-cf-id
swgAqEdGNyWSvXtaHg3w3qYKSeQqJlvGCCsMzB4eT353EhZVb49DQQ==
expires
Fri, 20 Sep 2024 20:00:22 GMT
cards_full.png
tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/widgets/core_fields_buy_button/frontend/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/widgets/core_fields_buy_button/frontend/cards_full.png
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
b2362f1c2a377dd386a3929b9fb2dc5fabfbc2a7f102e29009bfe09c6833849c

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:00:22 GMT
via
1.1 6592b72953c66e8c26c29c332cf2edf0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 15:46:53 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
439559
etag
"66c4ba6d-27ff"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
10239
x-amz-cf-id
w9cSKI4XqHQ-GqdLg5HjbHnp9gx2779Cxtn3ncp18SJOj6UgP1LJfg==
expires
Fri, 20 Sep 2024 20:00:22 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
logo-translucent.png
tinder.thrivecart.com/v20240821195944/static/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tinder.thrivecart.com/v20240821195944/static/images/logo-translucent.png
Requested by
Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/templates/standard/assets/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
0178efc1cd691a4412d88770fcca9ec0c7355669113c7b4d707fa4b21bb9df9c

Request headers

Referer
https://tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/templates/standard/assets/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:00:33 GMT
via
1.1 6592b72953c66e8c26c29c332cf2edf0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 15:46:52 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
439548
etag
"66c4ba6c-24c8"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
9416
x-amz-cf-id
_5D6MX93SlQTTm-XSZDGvu6q_BMZrWr5XFNji1Q6uH3cBp4nf8WFyA==
expires
Fri, 20 Sep 2024 20:00:33 GMT
dm-sans-latin-700-normal.woff2
fonts.bunny.net/dm-sans/files/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.bunny.net/dm-sans/files/dm-sans-latin-700-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
52b34c81a087fe1de2aa984d16f3a7e70f502eb5a6c69c51d88ec0741b0aa0c4

Request headers

Referer
https://fonts.bunny.net/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext
Origin
https://kaleidoscope-publishing.thrivecart.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 22:06:21 GMT
cdn-edgestorageid
1081
cdn-storageserver
DE-679
cdn-cachedat
07/31/2024 15:59:51
cdn-pullzone
781720
content-length
14304
last-modified
Tue, 09 Jul 2024 14:09:51 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
649
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"668d44af-37e0"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
775c63d9fce2d5c7ea8f843fdfa5f3c2
accept-ranges
bytes
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
dm-sans-latin-400-normal.woff2
fonts.bunny.net/dm-sans/files/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.bunny.net/dm-sans/files/dm-sans-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
a71e519e44faaa2a518544f31c899590cd80076d09814d015b69e64dd9202128

Request headers

Referer
https://fonts.bunny.net/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext
Origin
https://kaleidoscope-publishing.thrivecart.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 22:06:21 GMT
cdn-edgestorageid
1082
cdn-storageserver
DE-680
cdn-cachedat
08/08/2024 09:16:46
cdn-pullzone
781720
content-length
14116
last-modified
Tue, 09 Jul 2024 14:09:46 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
633
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"668d44aa-3724"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
42a8b705240693d544fa1b88d76a39b2
accept-ranges
bytes
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
dm-sans-latin-500-normal.woff2
fonts.bunny.net/dm-sans/files/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.bunny.net/dm-sans/files/dm-sans-latin-500-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
720546bd1109304dfb6076e22b74c2afeaca0b38c819d019eccb1a2e91e6f0be

Request headers

Referer
https://fonts.bunny.net/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext
Origin
https://kaleidoscope-publishing.thrivecart.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 22:06:21 GMT
cdn-edgestorageid
1079
cdn-storageserver
DE-677
cdn-cachedat
07/24/2024 20:59:33
cdn-pullzone
781720
content-length
14308
last-modified
Tue, 09 Jul 2024 14:09:47 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
660
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"668d44ab-37e4"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
b0e5973ebda6841a94bab8ab6afb2226
accept-ranges
bytes
cdn-requestcountrycode
FR
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
fa-solid-900.woff2
tinder.thrivecart.com/v20240821195944/static/assets/fontawesome-6.1.1/webfonts/ 		321 KB
322 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tinder.thrivecart.com/v20240821195944/static/assets/fontawesome-6.1.1/webfonts/fa-solid-900.woff2
Requested by
Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v20240821195944/embed/v1/checkout.minimal.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62

Request headers

Referer
https://tinder.thrivecart.com/v20240821195944/embed/v1/checkout.minimal.css
Origin
https://kaleidoscope-publishing.thrivecart.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 01:12:29 GMT
via
1.1 f580bae666598e3f09a5ffd24b286bae.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 15:46:52 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
75232
etag
"66c4ba6c-505f4"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
329204
x-amz-cf-id
YxB4wrZ03tceRkqmZ3ha7AW4BYpCtj7T7Yp5n3zPrqdFCUlN_k2D1g==
expires
Wed, 25 Sep 2024 01:12:29 GMT
fa-brands-400.woff2
tinder.thrivecart.com/v20240821195944/static/assets/fontawesome-6.1.1/webfonts/ 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tinder.thrivecart.com/v20240821195944/static/assets/fontawesome-6.1.1/webfonts/fa-brands-400.woff2
Requested by
Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v20240821195944/embed/v1/checkout.minimal.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
3701cbff3acccd80b1f2eede4311050514f7a64c2039eb77a77368fcd6e3de28

Request headers

Referer
https://tinder.thrivecart.com/v20240821195944/embed/v1/checkout.minimal.css
Origin
https://kaleidoscope-publishing.thrivecart.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 01:12:29 GMT
via
1.1 f580bae666598e3f09a5ffd24b286bae.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 15:46:52 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
75232
etag
"66c4ba6c-19d28"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
105768
x-amz-cf-id
IllDzkNpYlD_FWP8CKA5DTddvMO1nR_WikObhN2hzO0BQUipM2atdA==
expires
Wed, 25 Sep 2024 01:12:29 GMT
common.js
tinder.thrivecart.com/v20240821195944/embed/v1/ 		260 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tinder.thrivecart.com/v20240821195944/embed/v1/common.js
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
a45ddaa3b4e5d703fc40bfd583bb09c90df22b834f2a7c132a9fab8cf79a6a09

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:00:24 GMT
content-encoding
gzip
via
1.1 6592b72953c66e8c26c29c332cf2edf0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 15:46:53 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
439557
etag
W/"66c4ba6d-40e47"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-id
k8o3RnIXYcFWTW__HVRsGmMSgNF9aGbAc2sgOFNTRQ_8BtuiCuZ_7Q==
expires
Fri, 20 Sep 2024 20:00:24 GMT
checkout.v2.js
tinder.thrivecart.com/v20240821195944/embed/v1/ 		219 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tinder.thrivecart.com/v20240821195944/embed/v1/checkout.v2.js
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
51070acc56c3a5939f237449521937fbe50f656ba2d50de96a08cf775807d465

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:00:24 GMT
content-encoding
gzip
via
1.1 6592b72953c66e8c26c29c332cf2edf0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 15:46:53 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
439557
etag
W/"66c4ba6d-36b42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-id
2ZnHe740X5Pvmg43IYKlNvY_cD3xGPTNPoZMuXAiDLQ8X7KKbC3vcA==
expires
Fri, 20 Sep 2024 20:00:24 GMT
/
js.stripe.com/v3/ 		647 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-18.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
440d8cb4766de79300cc758fbeaec839be24d8fba27d74ea25f87b5d23683bc6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 22:06:21 GMT
content-encoding
br
via
1.1 10f6ed997c15c1439b3ae1db258c7d16.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
7
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 26 Aug 2024 21:32:59 GMT
server
Cloudfront
etag
W/"f81a0cec49679aee986a0886993332ff"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
RY6pbG7V0gy73lw2MJc7xr4gkL2NIRA_Ce-oSkjVhdjGYI7o7qUBZA==
api.js
www.recaptcha.net/recaptcha/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7b215142aa7e7b49394ea869774a3736f94d6a273d2d763de07d9a387086592c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 22:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires
Mon, 26 Aug 2024 22:06:21 GMT
widgets.js
tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/assets/ 		267 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tinder.thrivecart.com/v20240821195944/plugins/core.template.v2/assets/widgets.js
Requested by
Host: kaleidoscope-publishing.thrivecart.com
URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
6397534af6f8ea868872a1e8aa3c864358cb58ecae394ebed7f13235ed5e5ca2

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:00:24 GMT
content-encoding
gzip
via
1.1 6592b72953c66e8c26c29c332cf2edf0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2024 15:46:53 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
439557
etag
W/"66c4ba6d-42db1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-amz-cf-id
uN0vyg5k_kIG0kgIz_ka-M79EnONqq9JmFOOLu9PCssJnYVJ0BI3ow==
expires
Fri, 20 Sep 2024 20:00:24 GMT
favicon.ico
kaleidoscope-publishing.thrivecart.com/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://kaleidoscope-publishing.thrivecart.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.216.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-216-145.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8e8613104fb69a46cff2ed57b6c9b4707a3dd0a64436b262295f41b34c4fb9de

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D&coupon=SPANISH95
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 22:06:21 GMT
last-modified
Wed, 21 Aug 2024 19:59:58 GMT
server
nginx
accept-ranges
bytes
etag
"66c6473e-10be"
content-length
4286
content-type
image/x-icon
favicon.ico
kaleidoscope-publishing.thrivecart.com/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://kaleidoscope-publishing.thrivecart.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.216.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-216-145.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8e8613104fb69a46cff2ed57b6c9b4707a3dd0a64436b262295f41b34c4fb9de

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 22:06:21 GMT
last-modified
Wed, 21 Aug 2024 19:59:58 GMT
server
nginx
accept-ranges
bytes
etag
"66c6473e-10be"
content-length
4286
content-type
image/x-icon
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 		539 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__fr.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b093d0632304ca9774e284386055b0ed71a42c06749090619f15977999e32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Origin
https://kaleidoscope-publishing.thrivecart.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 07:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219419
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 04:00:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Aug 2025 07:14:53 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 38F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1531
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 26 Aug 2024 21:40:51 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 23 Aug 2024 21:21:17 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-amz-cf-id
IY3A8PRu3bTXwbtt55Sk1ZzlowEhGJWek3IUhNvAK4hfkDV3vxFE1A==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
track
kaleidoscope-publishing.thrivecart.com/api/v1/statistics/ 		88 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kaleidoscope-publishing.thrivecart.com/api/v1/statistics/track?viewer_id=&user_id=cca53739-c1e3-4003-a76d-f5ae75fe5296&browser=chrome&os=unknown&entity_id=213&entity_type=product&account_id=6253&mode=2&campaign_id=&affiliate_id=&tc_flow=&tco=&tcv=&uv=8&event_meta%5Burl%5D=https%3A%2F%2Fkaleidoscope-publishing.thrivecart.com%2Fcervantes-idiomas-signup%2F%3F_sc%3DMjE0NjM4NiM1MTIyNTI%253D&event_meta%5Buser_agent%5D=Mozilla%2F5.0+(X11%3B+Linux+x86_64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F128.0.0.0+Safari%2F537.36&event_meta%5Bfbp%5D=.&event_meta%5Bfbc%5D=.&event_meta%5Boffer_type%5D=product&event_meta%5Boffer_ref%5D=213&event_meta%5Bevent_time%5D=1724709982&event_meta%5Bpage_load_time%5D=1724709980&event_type=checkout_view
Requested by
Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v20240821195944/embed/v1/common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.216.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-216-145.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2506c8e0808d3bf801f3316a1a83bbab1336624ba6fd86fedfe4d99fc0ba1ec9

Request headers

Accept
application/json, text/javascript
Referer
https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 26 Aug 2024 22:06:21 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://*.thrivecart.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
controller-with-preconnect-ebd2e268331325976741bb7801a2a36a.html
js.stripe.com/v3/ Frame 54E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-ebd2e268331325976741bb7801a2a36a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
33
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 26 Aug 2024 22:05:50 GMT
etag
"ebd2e268331325976741bb7801a2a36a"
last-modified
Mon, 26 Aug 2024 20:42:23 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-amz-cf-id
1TmEBkfJUVLgk3b3fbce5nT5Vd5YhsabCysAF5gUqMuLzWLknOAkRA==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
select-arrow.png
tinder.thrivecart.com/embed/v1/images/ 		637 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tinder.thrivecart.com/embed/v1/images/select-arrow.png
Requested by
Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v20240821195944/embed/v1/checkout.minimal.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-10.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
4ff40fb5a2aea4aee1a72ed5c530e9e6db69247d05424747e76343c82b827a7d

Request headers

Referer
https://tinder.thrivecart.com/v20240821195944/embed/v1/checkout.minimal.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 15:44:35 GMT
via
1.1 6592b72953c66e8c26c29c332cf2edf0.cloudfront.net (CloudFront)
last-modified
Tue, 13 Aug 2024 15:43:14 GMT
server
nginx
x-amz-cf-pop
AMS58-P1
age
1146106
etag
"66bb7f12-27d"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
637
x-amz-cf-id
IQ0Ox9vp8WfKUrPxH1-xUC8I2ec4FerhItpsW8VqhdH46IBQMUYKRQ==
expires
Thu, 12 Sep 2024 15:44:35 GMT
payment-request-inner-google-pay-5fbe40b77cbb098cdd05fab962b22cd5.html
js.stripe.com/v3/ Frame 5F67 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-5fbe40b77cbb098cdd05fab962b22cd5.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3191
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 26 Aug 2024 21:13:11 GMT
etag
"5fbe40b77cbb098cdd05fab962b22cd5"
last-modified
Mon, 26 Aug 2024 20:42:37 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-amz-cf-id
Ae0Zm0GsfVZsEyqsVcBtwKutpbYNtbFMwmp_9_YajWTrm2sUH9Jo2g==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-payment-6724aa5fd685952422483c45a74d6d18.html
js.stripe.com/v3/ Frame C35B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-6724aa5fd685952422483c45a74d6d18.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
139
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
819
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 26 Aug 2024 22:04:51 GMT
etag
"6724aa5fd685952422483c45a74d6d18"
last-modified
Mon, 26 Aug 2024 20:42:23 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-amz-cf-id
kOhb3YT4ESNc1I_CqZWrt0Qq1frVVe0KZuqyQiq2O5Q_e3AjFjZKpA==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
intent
kaleidoscope-publishing.thrivecart.com/api/v1/paypalintents/ 		503 B
883 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kaleidoscope-publishing.thrivecart.com/api/v1/paypalintents/intent
Requested by
Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v20240821195944/embed/v1/common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.216.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-216-145.compute-1.amazonaws.com
Software
nginx /
Resource Hash
68512e86680b6d8550f64b53f7cc6f662546513cbe2a8afb726522df385b1f15

Request headers

Accept
application/json, text/javascript
Referer
https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 26 Aug 2024 22:06:22 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://kaleidoscope-publishing.thrivecart.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
elements-inner-loader-ui-2e3324f13a2ead38f8ee94519ce9982f.html
js.stripe.com/v3/ Frame 5E17 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-loader-ui-2e3324f13a2ead38f8ee94519ce9982f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
104
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
474
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 26 Aug 2024 22:04:38 GMT
etag
"2e3324f13a2ead38f8ee94519ce9982f"
last-modified
Mon, 26 Aug 2024 20:42:23 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-amz-cf-id
VFgzL1nMz_JIlyjtYd_-u0_rf11IklK3pYiSIqAQjKPCz861cjaa9w==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
anchor
www.recaptcha.net/recaptcha/api2/ Frame 7D63 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdIM_caAAAAAFxTZPaupAHuI3pLR9Po-Y3m1RIz&co=aHR0cHM6Ly9rYWxlaWRvc2NvcGUtcHVibGlzaGluZy50aHJpdmVjYXJ0LmNvbTo0NDM.&hl=fr&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=clqokpuf9fs6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__fr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-t-sE3wSFvOdWN--eExxQ6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-t-sE3wSFvOdWN--eExxQ6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Aug 2024 22:06:21 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
calculate
kaleidoscope-publishing.thrivecart.com/api/v1/coupons/ 		147 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kaleidoscope-publishing.thrivecart.com/api/v1/coupons/calculate?coupon_code=SPANISH95&entity_type=products&entity_id=213&entity_sub=46379
Requested by
Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v20240821195944/embed/v1/common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.216.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-216-145.compute-1.amazonaws.com
Software
nginx /
Resource Hash
65595685de44ea5540a2a5c0452fd25212a129c030688efbf640823d5688ad12

Request headers

Accept
application/json, text/javascript
Referer
https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 26 Aug 2024 22:06:21 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://*.thrivecart.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
js
www.paypal.com/sdk/ 		537 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AQGVHILSHEorJh_uvgz0sTx91Yek0ZzOKolsSfeAo_LyAzVhIZq5wUhpCICnzdZBMywjcIgN9_b0hD3K&merchant-id=XBG4SYCCC8LN4&enable-funding=venmo&currency=USD&components=messages%2Cbuttons%2Chosted-fields&intent=subscription&vault=true
Requested by
Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v20240821195944/embed/v1/checkout.v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d6a6866116ecded1f75da24ad240f0d0d5bd86e747d5ca760b9a4d4ad03e199d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-XOAgEFoqkt+GBXkR/ohYNJe6GHY3VjVxzBn+tOXWuCL52PZC' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-XOAgEFoqkt+GBXkR/ohYNJe6GHY3VjVxzBn+tOXWuCL52PZC' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-XOAgEFoqkt+GBXkR/ohYNJe6GHY3VjVxzBn+tOXWuCL52PZC' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-XOAgEFoqkt+GBXkR/ohYNJe6GHY3VjVxzBn+tOXWuCL52PZC' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 26 Aug 2024 22:06:22 GMT
age
207
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, HIT, MISS
p3p
true
paypal-debug-id
f343203e43b7a
server-timing
"traceparent;desc="00-0000000000000000000f343203e43b7a-a093db4768f65e54-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
151548
x-xss-protection
1; mode=block
x-served-by
cache-lhr-egll1980027-LHR, cache-lcy-eglc8600092-LCY, cache-lcy-eglc8600092-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f343203e43b7a-bc4a4469a9ad41be-01
x-timer
S1724709982.174876,VS0,VE6
etag
W/"24ffc-tf1h2BS4o61DU9C4QOplIyqODEo"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
local
www.paypal.com/credit-presentment/experiments/ Frame 4AFB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_osynfismgbzaaocwoagcwnxdbyuhxe&disableSetCookie=true&features=%5Bobject%20Object%5D%2Cnative-modal&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFHVkhJTFNIRW9ySmhfdXZnejBzVHg5MVllazBaek9Lb2xzU2ZlQW9fTHlBelZoSVpxNXdVaHBDSUNuemRaQk15d2pjSWdOOV9iMGhEM0smbWVyY2hhbnQtaWQ9WEJHNFNZQ0NDOExONCZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY29tcG9uZW50cz1tZXNzYWdlcyUyQ2J1dHRvbnMlMkNob3N0ZWQtZmllbGRzJmludGVudD1zdWJzY3JpcHRpb24mdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6IlRocml2ZUNhcnRMTENfU1BfUFBDUENQRlMiLCJkYXRhLXVpZCI6InVpZF9vc3luZmlzbWdiemFhb2N3b2FnY3dueGRieXVoeGUifX0&env=production&scriptUID=uid_osynfismgbzaaocwoagcwnxdbyuhxe&version=1.64.9&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQGVHILSHEorJh_uvgz0sTx91Yek0ZzOKolsSfeAo_LyAzVhIZq5wUhpCICnzdZBMywjcIgN9_b0hD3K&merchant-id=XBG4SYCCC8LN4&enable-funding=venmo&currency=USD&components=messages%2Cbuttons%2Chosted-fields&intent=subscription&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
97685
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1526
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Mon, 26 Aug 2024 22:06:22 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-hZrJEn1/I7nZxrYtD5biQSscHCo"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f625290345807
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f625290345807-c49dae2a3c78ccfe-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f625290345807-637a6434332d9a11-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT, MISS
x-cache-hits
9798, 50562, 0
x-served-by
cache-lhr-egll1980044-LHR, cache-lcy-eglc8600075-LCY, cache-lcy-eglc8600075-LCY
x-timer
S1724709983.532328,VS0,VE5
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=kaleidoscope-publishing.thrivecart.com&t=xo&v=5.0.456&source=payments_sdk&mrid=XBG4SYCCC8LN4&client_id=AQGVHILSHEorJh_uvgz0sTx91Yek0ZzOKolsSfeAo_LyAzVhIZq5wUhpCICnzdZBMywjcIgN9_b0hD3K&comp=messages,buttons,hosted-fields&disableSetCookie=true&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQGVHILSHEorJh_uvgz0sTx91Yek0ZzOKolsSfeAo_LyAzVhIZq5wUhpCICnzdZBMywjcIgN9_b0hD3K&merchant-id=XBG4SYCCC8LN4&enable-funding=venmo&currency=USD&components=messages%2Cbuttons%2Chosted-fields&intent=subscription&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d41b2c93743538ab1a54b56f4012872a358d1da2a98ccc4a4df97dc75584a3b8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-prvdSeCDwoiaZZZ4knNsPUY0UTLa01n5LxAoBhFfI+Lu3+mg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-prvdSeCDwoiaZZZ4knNsPUY0UTLa01n5LxAoBhFfI+Lu3+mg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 26 Aug 2024 22:06:22 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
52471
x-cache
HIT, HIT, MISS
paypal-debug-id
f917907cc6761
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4813
x-xss-protection
1; mode=block
x-served-by
cache-lhr-egll1980078-LHR, cache-lcy-eglc8600092-LCY, cache-lcy-eglc8600092-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f917907cc6761-b566172fd03094d2-01
x-timer
S1724709982.488908,VS0,VE8
etag
W/"36de-Atp3FBKMXtM2j1CqTcP4OJSkv/c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
4, 0, 0
buttons
www.paypal.com/smart/ Frame D42B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?style.layout=vertical&style.shape=rect&style.tagline=false&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_25a59e1936_mji6mdy6mji&clientAccessToken=A21AAODvQ9PlxBnOBgGSXLDAO12cZEvOLt3wt7LR21DyLf6kzYBMfWdMPPTLLIEzTasuvGlkAB_YKBUPuGbvtdqQZYezDSrcg&customerId=&clientID=AQGVHILSHEorJh_uvgz0sTx91Yek0ZzOKolsSfeAo_LyAzVhIZq5wUhpCICnzdZBMywjcIgN9_b0hD3K&clientMetadataID=uid_a2c51f3e2c_mji6mdy6mji&commit=true&components.0=buttons&components.1=hosted-fields&components.2=messages&currency=USD&debug=false&disableSetCookie=true&enableFunding.0=venmo&env=production&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&flow=subscription_setup&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjp0cnVlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&intent=subscription&locale.country=US&locale.lang=en&merchantID.0=XBG4SYCCC8LN4&hasShippingCallback=false&pageType=checkout&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=card&sessionID=uid_a2c51f3e2c_mji6mdy6mji&sdkCorrelationID=f29715930c5c5&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFHVkhJTFNIRW9ySmhfdXZnejBzVHg5MVllazBaek9Lb2xzU2ZlQW9fTHlBelZoSVpxNXdVaHBDSUNuemRaQk15d2pjSWdOOV9iMGhEM0smbWVyY2hhbnQtaWQ9WEJHNFNZQ0NDOExONCZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY29tcG9uZW50cz1tZXNzYWdlcyUyQ2J1dHRvbnMlMkNob3N0ZWQtZmllbGRzJmludGVudD1zdWJzY3JpcHRpb24mdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6IlRocml2ZUNhcnRMTENfU1BfUFBDUENQRlMiLCJkYXRhLXVpZCI6InVpZF9vc3luZmlzbWdiemFhb2N3b2FnY3dueGRieXVoeGUifX0&sdkVersion=5.0.456&storageID=uid_9d02875463_mji6mdy6mji&supportedNativeBrowser=false&supportsPopups=true&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQGVHILSHEorJh_uvgz0sTx91Yek0ZzOKolsSfeAo_LyAzVhIZq5wUhpCICnzdZBMywjcIgN9_b0hD3K&merchant-id=XBG4SYCCC8LN4&enable-funding=venmo&currency=USD&components=messages%2Cbuttons%2Chosted-fields&intent=subscription&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.venmo.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.venmo.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Mon, 26 Aug 2024 22:06:23 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"776ae-iBuNj5t3l7VXBW9uYkVvnVNzYUo"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
true
paypal-debug-id
f227449066e5d
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f227449066e5d-2651899c84ab41e6-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f227449066e5d-feb9a28ede17a6af-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-served-by
cache-lhr-egll1980065-LHR, cache-lcy-eglc8600075-LCY, cache-lcy-eglc8600075-LCY
x-timer
S1724709983.589298,VS0,VE524
x-xss-protection
1; mode=block
paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 4014 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F05) /
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 22:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
d18d9e9ea48ff
dc
ccg11-origin-www-1.paypal.com
content-length
1207
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
server
ECAcc (paa/6F05)
traceparent
00-0000000000000000000d18d9e9ea48ff-876595a86b750599-01
etag
W/"642c9aab-cc2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 26 Aug 2024 23:06:22 GMT
card-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 4014 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/card-white.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F71) /
Resource Hash
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 22:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
5976a99a83c65
dc
ccg11-origin-www-1.paypal.com
content-length
637
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
server
ECAcc (paa/6F71)
traceparent
00-00000000000000000005976a99a83c65-4f3dc1583854614f-01
etag
W/"642c9aab-54e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 26 Aug 2024 23:06:22 GMT
logger
www.paypal.com/xoplatform/logger/api/ 		975 B
907 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQGVHILSHEorJh_uvgz0sTx91Yek0ZzOKolsSfeAo_LyAzVhIZq5wUhpCICnzdZBMywjcIgN9_b0hD3K&merchant-id=XBG4SYCCC8LN4&enable-funding=venmo&currency=USD&components=messages%2Cbuttons%2Chosted-fields&intent=subscription&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0f84a9408134d0f90d67a21b519059dbe9753ecd426dff8bbf20f56ec8cce3ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 26 Aug 2024 22:06:22 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS, MISS
paypal-debug-id
f227449a9c7bf
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr-egll1980060-LHR, cache-lcy-eglc8600084-LCY, cache-lcy-eglc8600084-LCY
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f227449a9c7bf-e83551aec9f59f85-01
x-timer
S1724709983.794447,VS0,VE183
etag
W/"3cf-zXHtaDk2vEXAGpwpm5eap2s+rj0"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kaleidoscope-publishing.thrivecart.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=kaleidoscope-publishing.thrivecart.com&t=xo&v=5.0.456&source=payments_sdk&mrid=XBG4SYCCC8LN4&client_id=AQGVHILSHEorJh_uvgz0sTx91Yek0ZzOKolsSfeAo_LyAzVhIZq5wUhpCICnzdZBMywjcIgN9_b0hD3K&comp=messages,buttons,hosted-fields&disableSetCookie=true&vault=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F2E) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 22:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
d50f9d0e2a5a3
dc
ccg11-origin-www-1.paypal.com
content-length
16355
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (paa/6F2E)
traceparent
00-0000000000000000000d50f9d0e2a5a3-e556e26d3529b4db-01
etag
"64f25363-daa8+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 26 Aug 2024 23:06:22 GMT
ts
t.paypal.com/ 		42 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AXBG4SYCCC8LN4-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AXBG4SYCCC8LN4-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=1ec5a5e9-f102-49a8-9141-9bf78b611e71&fltp=analytics&mrid=XBG4SYCCC8LN4&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=cervantes-idiomas.com%20%C2%BB%20Powered%20by%20ThriveCart&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1724709982605&g=-120&completeurl=https%3A%2F%2Fkaleidoscope-publishing.thrivecart.com%2Fcervantes-idiomas-signup%2F%3F_sc%3DMjE0NjM4NiM1MTIyNTI%253D&ru=https%3A%2F%2Fr.emails.oxfordlanguageclub.com%2F&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Mon, 26 Aug 2024 22:06:22 GMT
date
Mon, 26 Aug 2024 22:06:22 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
1180bc2956e08
server-timing
"traceparent;desc="00-00000000000000000001180bc2956e08-6a9052d75fe6572f-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-lhr-egll1980050-LHR, cache-lcy-eglc8600032-LCY
pragma
no-cache
correlation-id
1180bc2956e08
traceparent
00-00000000000000000001180bc2956e08-c65e73a8db547f88-01
x-timer
S1724709983.692826,VS0,VE146
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://kaleidoscope-publishing.thrivecart.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://kaleidoscope-publishing.thrivecart.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Mon, 26 Aug 2024 22:06:22 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f22744936282f
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f22744936282f-383a15b3664d85ba-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-served-by
cache-lhr-egll1980088-LHR, cache-lcy-eglc8600084-LCY, cache-lcy-eglc8600084-LCY
x-timer
S1724709983.610146,VS0,VE164
bframe
www.recaptcha.net/recaptcha/api2/ Frame D70B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=fr&v=i7X0JrnYWy9Y_5EYdoFM79kV&k=6LdIM_caAAAAAFxTZPaupAHuI3pLR9Po-Y3m1RIz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VahTM3DLVKvy33rEBPCm3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-VahTM3DLVKvy33rEBPCm3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Aug 2024 22:06:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
heartbeat
kaleidoscope-publishing.thrivecart.com/api/v1/statistics/ 		25 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kaleidoscope-publishing.thrivecart.com/api/v1/statistics/heartbeat?data%5Baccount_id%5D=6253&data%5Bviewer_id%5D=429583657794850655&data%5Bproduct_id%5D=213&data%5Btc_flow%5D=&data%5Btco%5D=&data%5Btcv%5D=&data%5Bping_id%5D=&data%5Buv%5D=8
Requested by
Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v20240821195944/embed/v1/common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.216.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-216-145.compute-1.amazonaws.com
Software
nginx /
Resource Hash
717c83b4a00e4baa507d792e464c1579944003d3cdaf52b424edf97f125fb36d

Request headers

Accept
application/json, text/javascript
Referer
https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 26 Aug 2024 22:06:22 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://*.thrivecart.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 6070 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F45) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16754
content-type
text/html
date
Mon, 26 Aug 2024 22:06:22 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc+gzip"
expires
Mon, 26 Aug 2024 23:06:22 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
bebd73dfd23a3
server
ECAcc (paa/6F45)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000bebd73dfd23a3-bb8508b5f3923fe1-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
ts
t.paypal.com/ 		42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AXBG4SYCCC8LN4-1&page=muse%3Aoffer%3A%3A%3AXBG4SYCCC8LN4-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=1ec5a5e9-f102-49a8-9141-9bf78b611e71&es=visitorInfoFlowStarted&mrid=XBG4SYCCC8LN4&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=cervantes-idiomas.com%20%C2%BB%20Powered%20by%20ThriveCart&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1724709982880&g=-120&completeurl=https%3A%2F%2Fkaleidoscope-publishing.thrivecart.com%2Fcervantes-idiomas-signup%2F%3F_sc%3DMjE0NjM4NiM1MTIyNTI%253D&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://kaleidoscope-publishing.thrivecart.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Mon, 26 Aug 2024 22:06:22 GMT
date
Mon, 26 Aug 2024 22:06:23 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
e3382321b7009
server-timing
"traceparent;desc="00-0000000000000000000e3382321b7009-e584bb66ee8d0bfb-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-lhr-egll1980062-LHR, cache-lcy-eglc8600032-LCY
pragma
no-cache
correlation-id
e3382321b7009
traceparent
00-0000000000000000000e3382321b7009-b69beab16dace6dd-01
x-timer
S1724709983.890782,VS0,VE136
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
hcaptcha-invisible-faa72c6911ed7b29f103ab1a33feeac1.html
js.stripe.com/v3/ Frame 8EF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-faa72c6911ed7b29f103ab1a33feeac1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.172.112.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-83.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-cs3kqCbrpqf6rOGIBtGEyTUQrXTu30OfLlHgVnpv0Ik='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
1310
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-cs3kqCbrpqf6rOGIBtGEyTUQrXTu30OfLlHgVnpv0Ik='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 26 Aug 2024 21:44:55 GMT
etag
W/"040dcc4bba3bc66cd990b8a0da47e040"
last-modified
Mon, 26 Aug 2024 20:42:37 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c0ddd35bae9510a7268b5854c63453cc.cloudfront.net (CloudFront)
x-amz-cf-id
ArTq1bmecuEK79y6TPmU1i3CcOf7Zxxz5uvIrT9g4DgMTOEtyotdiQ==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| $script object| _context object| _thrive object| _tcdynamic object| Channel function| $ function| ender object| global function| require function| provide function| Module object| async function| merge function| validate function| _thrive_hooks function| ClipboardJS function| Cookie function| thrive$ function| initialiseThriveCheckout object| ThriveCart function| emoji_lib object| cqApi object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| webpackChunkStripeJSouter function| noop function| Stripe object| orderForm object| closure_lm_251503 object| __post_robot_11_0_0___uid_osynfismgbzaaocwoagcwnxdbyuhxe object| paypal object| __zoid_10_3_3___uid_osynfismgbzaaocwoagcwnxdbyuhxe object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL

9 Cookies

Domain/Path Name / Value
www.recaptcha.net/recaptcha Name: _GRECAPTCHA
Value: 09AMAEUMAepeKHw78RJ4mKhml93TDs7ZEwaWxkQjMG6ftjoh8qb6M5ppLOJLG8uDzao4EXY_L4PabqYH3NYT8Eqyw
sibautomation.com/ Name: uuid
Value: cb8caead-e72c-47a5-a0ca-d6cd58bb3c27
.thrivecart.com/ Name: thrivecart_v2
Value: 5ed627mb2c291iqm0hcpkvcq62
m.stripe.com/ Name: m
Value: 4df5b5ec-b116-46c9-8f8b-cb27184da4017a7d1a
.kaleidoscope-publishing.thrivecart.com/ Name: __stripe_mid
Value: 19240d4e-f316-4daf-8244-187966d2329cd7af3e
.kaleidoscope-publishing.thrivecart.com/ Name: __stripe_sid
Value: 20655eb5-91ed-448f-8a2f-7a5bde66fd915e83d6
.paypal.com/ Name: ts
Value: vreXpYrS%3D1819317983%26vteXpYrS%3D1724711783%26vr%3D90b9d4a61910a551c8b3d622fd8ad376%26vt%3D90b9d4a61910a551c8b3d622fd8ad375%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D90b9d4a61910a551c8b3d622fd8ad376%26vt%3D90b9d4a61910a551c8b3d622fd8ad375
api.hcaptcha.com/ Name: hmt_id
Value: 86ed8692-847c-46f7-98fc-7743e1208526

4 Console Messages

Source Level URL
Text
other warning URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other warning URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://kaleidoscope-publishing.thrivecart.com/cervantes-idiomas-signup/?_sc=MjE0NjM4NiM1MTIyNTI%3D
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.bunny.net
js.stripe.com
kaleidoscope-publishing.thrivecart.com
r.emails.oxfordlanguageclub.com
sibautomation.com
spark.thrivecart.com
t.paypal.com
tinder.thrivecart.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
1.179.112.197
142.250.186.163
151.101.131.1
151.101.193.21
18.155.129.114
18.172.112.18
18.172.112.83
18.238.243.10
192.229.221.25
2400:52e0:1e00::1079:1
2606:4700:4400::6812:278d
2a00:1450:4001:81c::2003
2a00:1450:4001:82b::2003
54.144.216.145
0178efc1cd691a4412d88770fcca9ec0c7355669113c7b4d707fa4b21bb9df9c
0f84a9408134d0f90d67a21b519059dbe9753ecd426dff8bbf20f56ec8cce3ea
1adbfd18a8f0c9a57e3612bd4a310fe29e320a7a8c5fb05b6eaad5d564f66858
1beb1ffc4631dc233334ae5761d9504dc38ede5e85ade396dcc35613ed146507
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
1ea43035ddb9d5d4082877fcbc9d56ce3efd406c77926ba79db44d37910ba686
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
2506c8e0808d3bf801f3316a1a83bbab1336624ba6fd86fedfe4d99fc0ba1ec9
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
3701cbff3acccd80b1f2eede4311050514f7a64c2039eb77a77368fcd6e3de28
440d8cb4766de79300cc758fbeaec839be24d8fba27d74ea25f87b5d23683bc6
4ff40fb5a2aea4aee1a72ed5c530e9e6db69247d05424747e76343c82b827a7d
51070acc56c3a5939f237449521937fbe50f656ba2d50de96a08cf775807d465
52b34c81a087fe1de2aa984d16f3a7e70f502eb5a6c69c51d88ec0741b0aa0c4
5b981d8afb8ac46993778d1d3800121c64a7748195d31c472de9e7ec9e3e4382
6397534af6f8ea868872a1e8aa3c864358cb58ecae394ebed7f13235ed5e5ca2
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65595685de44ea5540a2a5c0452fd25212a129c030688efbf640823d5688ad12
676fcead0d6741d54682aeb985375e26284a0f7a8496493a1fea19d7aa072df5
68512e86680b6d8550f64b53f7cc6f662546513cbe2a8afb726522df385b1f15
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
717c83b4a00e4baa507d792e464c1579944003d3cdaf52b424edf97f125fb36d
720546bd1109304dfb6076e22b74c2afeaca0b38c819d019eccb1a2e91e6f0be
74c908b8e0d99745e382ff041d3129e2020a06e3030c7a4500d24756a46c1085
7b215142aa7e7b49394ea869774a3736f94d6a273d2d763de07d9a387086592c
84df2e076a7367cd9dfc5b3b8d3175ce1680978e75b9b906d152513e800c77ff
8e8613104fb69a46cff2ed57b6c9b4707a3dd0a64436b262295f41b34c4fb9de
90b093d0632304ca9774e284386055b0ed71a42c06749090619f15977999e32a
9dcea744a61c25835eaa656d140c712a9f6429359a46e92084791887de17fd02
a45ddaa3b4e5d703fc40bfd583bb09c90df22b834f2a7c132a9fab8cf79a6a09
a71e519e44faaa2a518544f31c899590cd80076d09814d015b69e64dd9202128
b2362f1c2a377dd386a3929b9fb2dc5fabfbc2a7f102e29009bfe09c6833849c
c3ee04269584e97fd45e150b583e111246097e743f544e7db8a9ede70bdec9df
cb0ab61f6138cc779eef4628d07d7291eef8d058c7ee142f7d0f87e89d1ae945
cb1914163e0c6e2fe0897354bf4cee2e0656160a31ff6673d97466caffc38969
d41b2c93743538ab1a54b56f4012872a358d1da2a98ccc4a4df97dc75584a3b8
d6a6866116ecded1f75da24ad240f0d0d5bd86e747d5ca760b9a4d4ad03e199d
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62