info.hearandplay.com Open in urlscan Pro
172.67.74.215 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.eartutor.com/
Effective URL:
https://info.hearandplay.com/eartutor/
Submission: On August 05 via api (August 5th 2024, 7:29:46 pm UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 20 domains to perform 64 HTTP transactions. The main IP is 172.67.74.215, located in United States and belongs to CLOUDFLARENET, US. The main domain is info.hearandplay.com.
TLS certificate: Issued by WE1 on July 6th 2024. Valid for: 3 months.

This is the only time info.hearandplay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
1 31	172.67.74.215 172.67.74.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:78f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.102.11 18.66.102.11	16509 (AMAZON-02) (AMAZON-02)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	13.33.187.109 13.33.187.109	16509 (AMAZON-02) (AMAZON-02)
3	2a01:111:202c... 2a01:111:202c::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2606:4700::68... 2606:4700::6812:1feb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	143.204.215.6 143.204.215.6	16509 (AMAZON-02) (AMAZON-02)
1 4	2600:9000:264... 2600:9000:2644:9200:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.23.227 13.32.23.227	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:631e:1560:b06d:b3c3	16509 (AMAZON-02) (AMAZON-02)
64	22

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.eartutor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 172.67.74.215 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

info.hearandplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:78f (United States)

ASN13335 (CLOUDFLARENET, US)

hearandplay.infusionsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-109.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:111:202c::237 (United Kingdom)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1feb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hearandplay.infusionsoft.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-6.fra53.r.cloudfront.net

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2644:9200:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.23.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-227.fra56.r.cloudfront.net

d3hb14vkzrxvla.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:631e:1560:b06d:b3c3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	hearandplay.com 1 redirects info.hearandplay.com	2 MB
5	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 5194 d.adroll.com — Cisco Umbrella Rank: 2660	30 KB
3	helpscout.net beacon-v2.helpscout.net — Cisco Umbrella Rank: 23058	36 KB
3	infusionsoft.app 1 redirects hearandplay.infusionsoft.app	1 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 ssl.google-analytics.com — Cisco Umbrella Rank: 951	38 KB
2	cloudfront.net d3hb14vkzrxvla.cloudfront.net	9 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	73 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4988	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	22 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	64 B
1	gstatic.com fonts.gstatic.com	48 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 84
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	infusionsoft.com hearandplay.infusionsoft.com	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	93 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	eartutor.com 1 redirects www.eartutor.com	327 B
64	20

	Domain	Requested by
31	info.hearandplay.com	1 redirects info.hearandplay.com static.cloudflareinsights.com
4	s.adroll.com	1 redirects info.hearandplay.com s.adroll.com
3	beacon-v2.helpscout.net	info.hearandplay.com beacon-v2.helpscout.net
3	hearandplay.infusionsoft.app	1 redirects hearandplay.infusionsoft.com
3	bat.bing.com	info.hearandplay.com bat.bing.com
2	d3hb14vkzrxvla.cloudfront.net	beacon-v2.helpscout.net
2	www.facebook.com	info.hearandplay.com
2	ssl.google-analytics.com	info.hearandplay.com
2	connect.facebook.net	info.hearandplay.com connect.facebook.net
2	dev.visualwebsiteoptimizer.com	info.hearandplay.com
2	www.googleadservices.com	info.hearandplay.com www.googleadservices.com
1	d.adroll.com	s.adroll.com
1	googleads.g.doubleclick.net	info.hearandplay.com
1	script.hotjar.com	static.hotjar.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.youtube.com	info.hearandplay.com
1	www.google-analytics.com	info.hearandplay.com
1	static.hotjar.com	info.hearandplay.com
1	static.cloudflareinsights.com	info.hearandplay.com
1	hearandplay.infusionsoft.com	info.hearandplay.com
1	www.googletagmanager.com	info.hearandplay.com
1	fonts.googleapis.com	info.hearandplay.com
1	www.eartutor.com	1 redirects
64	23

This site contains links to these domains. Also see Links.

Domain
hearandplay.infusionsoft.com

Subject Issuer	Validity	Valid
hearandplay.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.googleadservices.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
infusionsoft.com WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2024-06-29` - `2025-07-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-15` - `2024-08-13`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
infusionsoft.app WE1	`2024-06-30` - `2024-09-28`	3 months	crt.sh
*.helpscout.net Amazon RSA 2048 M03	`2024-03-18` - `2025-04-15`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://info.hearandplay.com/eartutor/
Frame ID: E61089B4EB40D67E082DC579EC5FAD2B
Requests: 59 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DvzegCboTLI?rel=0&modestbranding=1&controls=0&showinfo=0&fs=0&wmode=transparent
Frame ID: 694E3C2BD97D0AFB69E61BC1162D7EF9
Requests: 1 HTTP requests in this frame

Frame: https://info.hearandplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js
Frame ID: 50CAB2A939F872127056DA16FAA4E233
Requests: 2 HTTP requests in this frame

Frame: https://hearandplay.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: FC03F55751ADE94F40A237B44FC2A100
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ear Tutor Video |

Page URL History Show full URLs

https://www.eartutor.com/ HTTP 301
https://info.hearandplay.com/eartutor/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

64
Requests

95 %
HTTPS

61 %
IPv6

20
Domains

23
Subdomains

22
IPs

4
Countries

2073 kB
Transfer

3874 kB
Size

21
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://hearandplay.infusionsoft.com/app/orderForms/eartutor
Title: Download Your Copy Of Ear Tutor Today - Only $37!ADD TO CART

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.eartutor.com/ HTTP 301
https://info.hearandplay.com/eartutor/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://info.hearandplay.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://info.hearandplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js

Request Chain 56

https://s.adroll.com/j/pre/6SDFSZUURJHEVEPXCEPRBW/IA65MQKO6VBQFN3VR7DSZW/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 61

https://hearandplay.infusionsoft.app/app/webTracking/contact/1722886175289?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=info.hearandplay.com&location=https://info.hearandplay.com/eartutor/&referrer= HTTP 302
https://hearandplay.infusionsoft.app/slices/spacer.gif

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
info.hearandplay.com/eartutor/
Redirect Chain

https://www.eartutor.com/
https://info.hearandplay.com/eartutor/

77 KB
17 KB

1317ms
1081ms

Document
text/html

172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.5.38

Resource Hash

199dc1bb1476d54a8139904162b68dbd07594e340feac8a1cc259b333e5950e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ae93252cb7c5d88-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Mon, 05 Aug 2024 19:29:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56Ae8k4C7dZqPtiqYQ%2BZJQBW7wBYWZcMKc2pxI9FS4hC%2BRqlGup1wvm44qZcaAKzhsH5e5%2BHTkT%2Ftxzls8KTno3%2BNyW9rki5WHnNfvks0pXet6CGls34%2FSn44zTOjoI%2FwiSfxpGe"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Cookie
x-powered-by: PHP/5.5.38
x-turbo-charged-by: LiteSpeed

Redirect headers

Connection: close
Content-Length: 73
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Aug 2024 19:29:32 GMT
Location: https://info.hearandplay.com/eartutor/
Server: ip-100-74-4-250.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: 5b1f3809-0734-4b9b-ae0b-a48b9c6634d7

GET
H3 200 base.css
info.hearandplay.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/ 704 B
797 B 400ms
377ms Stylesheet
text/css 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/base.css?ver=2.1.12

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d16400e6b2166cf4a5b37b2216cde40c8637e6693cf623abbee9f8cd21a7dc33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 08 Apr 2019 06:26:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ni98duFxLo%2FjraUPj1qL7r1RTrVdl40YB5%2Fm4U5oVVNybx3pxkqtn6voqtM27cLCNUphUuNQ%2FfNF1eMdpcU4BcaqWOmzOI4BBwEyZx%2Fhnpbj9YIm9I%2FXuek1zTwfNHTTt3K9H4%2B4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae9325aee0b5d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H3 200 style.min.css
info.hearandplay.com/wp-includes/css/dist/block-library/ 25 KB
5 KB 427ms
404ms Stylesheet
text/css 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.19

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f80c87390a84a3761860b1ce0764da77bb81d6f11cb3d059339148589aaf5c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 13:22:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NeGgm77y0l6XGh3PGDYRIDEqWJjvDjyuBQFgdWakkst4k9kQSyBJ1pZQ%2B6vOX6zQVFCSJclJs17QuYeiljfHt%2BvyuRsAFQXgLCAJTbPDJFOoy52VMrNKiAhHHF9z2PXsYZ%2BNlGkV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae9325aee0f5d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H3 200 thrive_flat.css
info.hearandplay.com/wp-content/plugins/thrive-visual-editor/editor/css/ 396 KB
47 KB 637ms
614ms Stylesheet
text/css 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.1.12

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ce1c74d2e4611f9c734676a588a47a97c6c3c7371343c81cc4d34a92264e9cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 08 Apr 2019 06:26:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DHeQ1SmLLzAUyFbOnqW%2FOvlRM6KUKaNep3U39%2FcwUZL%2By6L2gQoQ4HM53NRynPFrdZuMNsSWZ5QBNPytbxk9XKrVbVhZoD9IO1rFb9WvjPIiisc7tsi%2Bg2rr82rIrNIiylPXH9ha"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae9325aee115d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 704ms
59ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C400italic%2C700italic&ver=5.1.19

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc8e02e4c8cbc847c79e57f90b4255e2d1fdc8938b8f63455eb8187f0981e6f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Aug 2024 19:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Aug 2024 19:29:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Aug 2024 19:29:34 GMT

GET
H3 200 checkout.css
info.hearandplay.com/wp-content/plugins/thrive-apprentice/css/ 4 KB
1 KB 399ms
376ms Stylesheet
text/css 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-content/plugins/thrive-apprentice/css/checkout.css?ver=2.1.5

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

692f6f364bbd9accd6866c67deb823580f463e1b7ea1fc81071abc2d5015ad26

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 08 Apr 2019 06:26:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ne1u5Bsmg50V5rl9VctXrXD890tcvrbSQzyhnSNfPJyxZUwwfQ3TAXBIGmpZZ2oqk5cSSJd65pkCqRN6xSYC3wroznJHZlUYBVETBdnx0%2B0uEjQYm%2BFBUQD3NH2PXtqDupIJdcGd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae9325aee135d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H3 200 default.min.css
info.hearandplay.com/wp-content/plugins/optimizePressPlugin/lib/assets/ 395 KB
58 KB 614ms
592ms Stylesheet
text/css 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-content/plugins/optimizePressPlugin/lib/assets/default.min.css?ver=2.5.10.2

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d523a3d1c1de051b11ecc17709cdf490fd2c4caf10f13417e2c74569ad6d79fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 16 Sep 2017 17:12:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IeyB6LETENz%2FNBjJk4oaPcVxnsB6Kln7J%2F8MGWfiNgGTVY7W3iSaVWVwyJrdrkZvhWD1S6lKyqz5U4MChQ%2B%2B0xL63C4hSctxzd1xL6QYpv6JcHB7OAYeC%2FqjLag8dHadIGnbLMVp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae9325aee145d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H3 200 jquery.js Show response
info.hearandplay.com/wp-includes/js/jquery/ 95 KB
35 KB 505ms
483ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2019 01:22:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gcUPufU3uKIwTi5%2Be8VJs2M0vRbPIm9yxwr%2FcdynWlvYFLtT8no%2FaWgerNBytz1EtQx1wn0sfUta3RPDuGFWP0LVOXCbc8LEunqtZHhlihLAVSPgDSNyp2sbhks%2ByP6pWJON%2Fq8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae9325aee165d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H3 200 jquery-migrate.min.js Show response
info.hearandplay.com/wp-includes/js/jquery/ 10 KB
4 KB 398ms
376ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 29 Apr 2017 04:22:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZwgI1%2BQnAxDFZdyOv4hcmiOH6m4VPevuZ97u4zAulMYUXBo3xUHjXgON1jvPQ3qYM5%2Bvb%2F1dfLAvGwJ8QdZIGuWpPJdaKZRqAwWektn0m0SkJsXfa11eC6TgaxuQHmVHVsUvqQMH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae9325aee1b5d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H3 200 op-jquery-base-all.min.js Show response
info.hearandplay.com/wp-content/plugins/optimizePressPlugin/lib/js/ 52 KB
17 KB 204ms
188ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-content/plugins/optimizePressPlugin/lib/js/op-jquery-base-all.min.js?ver=2.5.10.2

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee229982b7fc656f15dcd65b57a0ad868d5a4aef350eff7828a92de4044ef05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:33 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 6472
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 16 Sep 2017 17:12:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tcHPF%2BqLoi9c0S4kALrp8KRKrE8uRqJTadFkvPH9XASahT92dOEQNwr0CXnaIZajQW87HiJUFieHjK3CRna0SLtijBWOjlNtJLdiF9V2i963l9Rd0lFhPunNwE7ySSBbST5oaFKj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae9325aee205d88-FRA
expires: Mon, 12 Aug 2024 17:41:41 GMT

GET
H3 200 js_cookie.js Show response
info.hearandplay.com/wp-content/themes/OptimizePress/js/ 613 B
821 B 393ms
376ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-content/themes/OptimizePress/js/js_cookie.js?ver=1.0

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f762a58f151203f0f45407ca1ad076a77adaa276c0fc55ccb4dbffc93aba5030

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Nov 2014 09:23:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UfEN5WIZZPffG88iDXBa2bqziSWdQUCKAmDfA40QBg8ESOKNRL4Vv%2FQkLsqM43HhMjGMl9slx5ph6XRWHp0ravYzg7pLA1RKj0xXC2XpygvDSGw8tO4J%2Fn6ZxVYJHNYQl11MgCEk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae9325aee245d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H3 200 header.min.js Show response
info.hearandplay.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/ 2 KB
2 KB 420ms
404ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/header.min.js?ver=1.1.21

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d599b033a9d032e9c833bee96a36c1b13e2bd451b47ea778e787c2b32837264b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 08 Apr 2019 06:26:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YrIyl186%2FNv%2Frg9BKxZX3fJJKwzn8Usl32wcNRWUop27G4zWqC792aS%2BVeTsErgeiWPgM7u8SlWCC3uBJG2EZGANTF74zEvP3wBH%2FzKITo0oGBxeOkX3ymYKBvWBR4dWtLXA%2FveI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae9325aee275d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
93 KB 512ms
184ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1072635249

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c89cab42e124cd564e3d00526719bff6a6786c4baaf0dbeb63e715784b56914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95012
x-xss-protection: 0
last-modified: Mon, 05 Aug 2024 18:02:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Aug 2024 19:29:35 GMT

GET
H3 200 hearandplay-logo1.png
info.hearandplay.com/wp-content/uploads/2017/05/ 10 KB
10 KB 533ms
517ms Image
image/png 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.hearandplay.com/wp-content/uploads/2017/05/hearandplay-logo1.png

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0af94ebc69db5bc772f8ed84262a9ec9903b634c90bf16e98f3b5657666d721

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9972
last-modified: Wed, 17 May 2017 14:23:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A5yLriWIH1lR67aLwLlOGqBlISZyrUcv84xhgVIMqNEJ2r85Q3zv37lTsX%2F1hDyPJdB7zJxUq2%2BPxG0gXYuCzPk5mGgIgzYP3mgoVm3%2Blpn3A7x8clN6yd3qCFW6smQ4lib9S%2F1U"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8ae9325aee295d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H3 200 bubble-harmonize.jpg
info.hearandplay.com/wp-content/uploads/2017/05/ 19 KB
20 KB 497ms
482ms Image
image/jpeg 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.hearandplay.com/wp-content/uploads/2017/05/bubble-harmonize.jpg

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbe76dc85109820be5bd51c6468c9d4b12cd587807aede996a37d85e79aa2f10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 19894
last-modified: Thu, 11 May 2017 19:47:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HWASkXGm0pruYGePhvThdCA%2Bmj696TisyWez%2Bmhfal6Ya05d9NL9yTD0Rp4qivn0IM7wVmMNsnQOOiiatYLXVTMxXlw1eRRiaUygjLnwTa%2FaB%2BCVdbB5FGc9jJxQdkBvxawkC0QO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8ae9325aee2a5d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H3 200 pianoplayer2.jpg
info.hearandplay.com/wp-content/uploads/2017/05/ 21 KB
21 KB 496ms
495ms Image
image/jpeg 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.hearandplay.com/wp-content/uploads/2017/05/pianoplayer2.jpg

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25228c7807e2a558826ce98bd91ca5f2f82a0082e0e2b3e1c062effde7672443

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 21449
last-modified: Thu, 11 May 2017 19:30:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2naFaWi1oXfsDnixT2S3xyhYbb4TIH74JDhnb8pUEwJ71q%2BQyXYt1znSgFutt0hYV0rJH20lS8du1GAOu0ihDeOClaAE2Aoe%2BtfZRULbd7BoWxklst0r%2BqEBO08pBpNRde7JlI%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8ae9325dfa2d5d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H3 200 bubble-hear.jpg
info.hearandplay.com/wp-content/uploads/2017/05/ 19 KB
19 KB 506ms
506ms Image
image/jpeg 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.hearandplay.com/wp-content/uploads/2017/05/bubble-hear.jpg

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc50f584a10af076a32d6f760dce5bf10d93cb40cfa7dd18cb5e349f6322ff3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 19038
last-modified: Thu, 11 May 2017 19:48:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rrw5MzgEJwADOxry0xuQfLhgJr8XHSuq3CmN6NHVhmSCoUbXXF%2FqDBTIk5e6bgcXcTmsLEQt3qTYeDURakqJIQCzlUhCH2IDaesjUNdn7RRXs5Z9WRxqyx2u%2Fl0JxcPoafWMeM3P"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8ae9325e5a835d88-FRA
expires: Mon, 12 Aug 2024 19:29:34 GMT

GET
H3 200 eartutorflat-1024x1024.jpg
info.hearandplay.com/wp-content/uploads/2018/07/ 59 KB
59 KB 875ms
874ms Image
image/jpeg 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.hearandplay.com/wp-content/uploads/2018/07/eartutorflat-1024x1024.jpg

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39a3918176714f2220d15bb83b7e51ad497142f36a16cddb4f7bb57ec5157e20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:35 GMT
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 60323
last-modified: Thu, 19 Jul 2018 16:05:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bPsSOovtgF%2FfhQbyTiqmywHZCKYrR2JQEbZvxSfpKp47Hn2Mnje1MZBvltLG2eGSrXDPGINWSjJCZuqi38ga22fwpaebaPgG%2FdtaRK5c5FcojM%2BuD6wAQhzFWM9I4xeysbSYJLhT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8ae932604d2f5d88-FRA
expires: Mon, 12 Aug 2024 19:29:35 GMT

GET
H3 200 eartutormac-rightside-1024x973.png
info.hearandplay.com/wp-content/uploads/2018/07/ 609 KB
610 KB 936ms
933ms Image
image/png 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.hearandplay.com/wp-content/uploads/2018/07/eartutormac-rightside-1024x973.png

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a5594c19479570feef18e77458d69d8b7bbd6d0bc75860398b57d1853f4932c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:35 GMT
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 623783
last-modified: Thu, 19 Jul 2018 21:28:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xhKZQrzyVwQXJLC1Np4Bw%2FmEVIegL93ZpCiGB5KCnmy0WL%2BHqw5Rov5ySSJv1nKIraBFPJxLcTAvjnEK84wqpJT5wIHrpFaUDuU%2BZ3eB5%2BPKUdHXqe9fkgxk3Vwe6Mc2UqLNPGdc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8ae932604d4a5d88-FRA
expires: Mon, 12 Aug 2024 19:29:35 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 57 KB
21 KB 295ms
113ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

13c5d672a26ed35aa291a6aa89d87ceb703d430b9c6e918b5cd2749414539c4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21173
x-xss-protection: 0
server: cafe
etag: 4147160116119415605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Aug 2024 19:29:34 GMT

GET
H2 200 getTrackingCode Show response
hearandplay.infusionsoft.com/app/webTracking/ 7 KB
3 KB 528ms
196ms Script
text/javascript 2606:4700::6812:78f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hearandplay.infusionsoft.com/app/webTracking/getTrackingCode?trackingId=f64dcb4668d2e4edbe77b1468123f543

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:78f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d32e70c6c3a4ff7f26958e4b8e4174f431428e7bf6510160b2657fe17b19a5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Aug 2024 19:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
via: 1.1 google
vary: accept-encoding
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store
cf-ray: 8ae93262494992b3-FRA
x-xss-protection: 1; mode=block
expires: Mon, 05 Aug 2024 19:29:35 GMT

GET
H3 200 triggers.min.js Show response
info.hearandplay.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/ 4 KB
2 KB 64ms
58ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/triggers.min.js?ver=1.1.21

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4ab723ba9966877bf53479c660b17312eb0253be9cf474f02e829b35e88460a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 78909
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 08 Apr 2019 06:26:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fayEgddMNuw8lvdvJKy1LIn4pgEnxf03DizNTHN8veZE%2FIu21Gng0fwQbceDjbBxjSPpvoWQ1UpsX7MVrerFoDDZVRqUqt%2BPCnzu6A337SjkZwPLn26ugRUZUjdF7prIZ1y3phDK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae932604d365d88-FRA
expires: Sun, 11 Aug 2024 21:34:25 GMT

GET
H3 200 imagesloaded.min.js Show response
info.hearandplay.com/wp-includes/js/ 8 KB
3 KB 359ms
353ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:35 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 24 Feb 2019 04:40:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tL%2BniYlcr85LVp%2BnH6igBgePGOzkgymVRqNQiYCUVrKAWp66EGEHnjTqonwDYnoFmc19sd%2BT0qFOts0NeBlvWu5YMRGlivskZbBYITeJzYDKZqkXketUYsW4SV4rbkBe2Zdtp%2F4n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae932604d3a5d88-FRA
expires: Mon, 12 Aug 2024 19:29:35 GMT

GET
H3 200 masonry.min.js Show response
info.hearandplay.com/wp-includes/js/ 28 KB
9 KB 353ms
347ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-includes/js/masonry.min.js?ver=3.3.2

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:35 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 24 Feb 2019 04:40:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XskdABPV%2BdigJngSErZRyJYeAY8op70EKDuFBK3bgKmfx0hptOgXrozuEL0PJ3q7h5JjOwsU2rBO7gtASGcSo5mYRXIls20g8kSz5aCK9jB4wAjfds8T6w8ePahAGvxhBTzlaita"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae932604d3b5d88-FRA
expires: Mon, 12 Aug 2024 19:29:35 GMT

GET
H3 200 jquery.masonry.min.js Show response
info.hearandplay.com/wp-includes/js/jquery/ 2 KB
1 KB 368ms
362ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:35 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 29 Apr 2017 04:22:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BF0%2BmiyKnacSr24U%2BtmmQv1J2mfz4r0Lu83IoMDEA6eb4iuL2JR5roXaC0grEkNMwkd9LCfmYoSN4emL3h7ZbXOHONF0brjkpOVbZPANeOFh4BWLHQSFbGoB%2Bx9u%2FYgIFurH4uwI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae932604d3d5d88-FRA
expires: Mon, 12 Aug 2024 19:29:35 GMT

GET
H3 200 frontend.min.js Show response
info.hearandplay.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/ 69 KB
21 KB 525ms
520ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.1.12

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cce226c7e41d46ba430a15939132319a6e632e78a683b06f2cd21b49b45fcec1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:35 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 08 Apr 2019 06:26:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJmkhMBoIVRj%2Buu%2Frymv6cVB3QLfaRKP26EjDtIvGHDM%2B%2FAR6Y%2FYkQLviR4HO4tSk%2FF5i0dVKgHHobX%2FDhqc5cKG%2F565qXFU00yEP%2B0WMxu0jLju%2Fujz2xeNeVDsLbrSpP9QVAYA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae932604d3f5d88-FRA
expires: Mon, 12 Aug 2024 19:29:35 GMT

GET
H3 200 frontend.min.js Show response
info.hearandplay.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 2 KB
1 KB 63ms
58ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=2.1.4

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6589e5fc1e34b95a7c355d417d7a71753897da51f1e2fc633a64da450b701da6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 83279
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 08 Apr 2019 06:26:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N82tRNBqPe4pzKwq6yBIxdESGeoDGvQs68dC%2FvPOe7cyxQS%2BW5AUp0%2Bbre9bWAu%2FO5HdqEc2H%2F%2BvlFxQEZwuc1qHRBG2pvPJM2HVKNuSYITc2RHijhdAV38%2Fl1%2BDHy3UiGYwbyeC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae932604d425d88-FRA
expires: Sun, 11 Aug 2024 20:21:35 GMT

GET
H3 200 wp-embed.min.js Show response
info.hearandplay.com/wp-includes/js/ 1 KB
1 KB 46ms
43ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-includes/js/wp-embed.min.js?ver=5.1.19

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 83279
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 20 May 2023 04:08:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KYCOXhYfkIhHrWThcPfwVmAmtjymxv%2BmewagFC46XKHfPOrAncVa47T51NsQSFIrUTEL5Ki4MljEq6vNI62uuT4%2FhTGJtjUYOhPu7Zv2CdqgTdi%2FWS60Q17JMstJET5MffLJH3DX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae932604d485d88-FRA
expires: Sun, 11 Aug 2024 20:21:35 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 510ms
182ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://info.hearandplay.com/
Origin: https://info.hearandplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:35 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8ae932624cbe37fb-FRA

GET
H2 200 hotjar-634621.js Show response
static.hotjar.com/c/ 11 KB
5 KB 511ms
184ms Script
application/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-634621.js?sv=5

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

007b9f1ea1d3fd62e5b9d31706811725cb40749d6ccaf1a720827fe91ce3fba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/32cd2a61bf61445ef1b0a9b15b8675c7
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Jw2gb6FlxWv037hiLO5-iXOtAYlic-qjHHPMsHFKYgWcub1F8TVCdQ==

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 4 KB
2 KB 630ms
50ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=25240&url=https%3A%2F%2Finfo.hearandplay.com%2Feartutor%2F&random=0.7636814291626866
Requested by: Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 5d8fe2d13a0a9cf39b14cbedf0a90870c1fd1cfb53603ed3bab03616285a9c82

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 05 Aug 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/javascript; charset=UTF-8

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
146 B 133ms
131ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=25240&d=info.hearandplay.com&u=D462CC1278CFF561443917CA494CEA4E0&h=3aaa8c6c7d3633d1dc924dfb0fa726a0

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv02c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv02c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 358ms
31ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Aug 2024 19:15:05 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 870
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 05 Aug 2024 21:15:05 GMT

GET
H3 200 wp-emoji-release.min.js Show response
info.hearandplay.com/wp-includes/js/ 12 KB
5 KB 59ms
58ms Script
application/javascript 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.19

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9160bf5ee2c9435a62c8b1d991b7f419417cab5d5a37eefcee79767a292b4b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:34 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 83274
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 13:22:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XofM0JqPu9KpaICnsI2snoWXlD6TNJqXdTP%2BeBgZVW%2BJsEUMgtMuxpwQ%2FfBJgH6B%2BhCUhHRqEERTwbDs5ky2f5CaCIXqfD6UPYoqjpsgKwSCFB3zj8Y6HZY6a%2FJZr4C0tMmMJTaN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae932604d4b5d88-FRA
expires: Sun, 11 Aug 2024 20:21:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 345ms
19ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 05 Aug 2024 19:29:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 21
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=14, mss=1297, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 4YNxfJwkyojfKZlKf6uwkCjNNrP2+FwJxgGntI72V6R6oGjjmT0qPw3M8ToSuCbGYf2g8xsZhSnOw9xgROC0mA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 DvzegCboTLI
www.youtube.com/embed/ Frame 694E 0
0 411ms
125ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/DvzegCboTLI?rel=0&modestbranding=1&controls=0&showinfo=0&fs=0&wmode=transparent

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.hearandplay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Aug 2024 19:29:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 326ms
14ms Script
text/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Aug 2024 18:51:36 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2279
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 05 Aug 2024 20:51:36 GMT

GET
H3 200 Masterclassbackdrop-1024x576.png
info.hearandplay.com/wp-content/uploads/2016/08/ 654 KB
655 KB 1195ms
1190ms Image
image/png 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.hearandplay.com/wp-content/uploads/2016/08/Masterclassbackdrop-1024x576.png

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8318e492225ca187685441a3da3d626350a4b3225cb427f2696f89d9fb525a09

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:35 GMT
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 669565
last-modified: Sat, 06 Aug 2016 21:01:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BoOFJ3FOv7cwZ6D9zA0YiAslJsG%2FCKlX7dnkX5RVWOUdYDjoc83f0sQqZGFMx%2Fa5DTm3TMsBHn69LatPxNbz6btZZq9L5A6AuiclbkTrh9dcSDYfWneMlhq%2BgmyOZ%2BAU3oUuQQPP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8ae932610e285d88-FRA
expires: Mon, 12 Aug 2024 19:29:35 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 344ms
37ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C400italic%2C700italic&ver=5.1.19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://info.hearandplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:56:39 GMT
x-content-type-options: nosniff
age: 534776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 14:56:39 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 104ms
41ms Image
image/gif 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1302023318&utmhn=info.hearandplay.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Ear%20Tutor%20Video%20%7C&utmhid=666107440&utmr=-&utmp=%2Feartutor%2F&utmht=1722886175215&utmac=UA-827453-1&utmcc=__utma%3D1.530399838.1722886175.1722886175.1722886175.1%3B%2B__utmz%3D1.1722886175.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=553873711&utmredir=1&utmu=DhAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Aug 2024 19:29:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1072635249/ 3 KB
2 KB 103ms
54ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1072635249/?random=1722886175218&cv=9&fst=1722886175218&num=1&value=0&label=HmgvCP-C9QIQ8bq8_wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Finfo.hearandplay.com%2Feartutor%2F&tiba=Ear%20Tutor%20Video%20%7C&capi=1&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

2ba2c61b37a8354320518231c24d79f03e9306757d10a29d84ab37de2003d1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Aug 2024 19:29:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1548
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 545ms
451ms Script
application/javascript 13.33.187.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-634621.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-109.fra60.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 536789
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: JkL-I-qFDRE4B-DiljL9Sr61QW1-GuCOR2EIMPMr6uJtgQ1C3cwgbA==

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 590ms
87ms Script
application/javascript 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 05 Aug 2024 19:29:35 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C56C45DDFBC47D494326B62EC8C964D Ref B: LON212050719031 Ref C: 2024-08-05T19:29:35Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H3

200

main.js Show response
info.hearandplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/ Frame 50CA
Redirect Chain

https://info.hearandplay.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://info.hearandplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?

8 KB
4 KB

56ms
47ms

Script
application/javascript

172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acfe70fe83a8ff11be0c6a83d125eee02007701da72a83adfdd1a5612cef3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:36 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPUTu1oRU%2B3VeezE9ZJRrWq9ewW8CrYqqn0ihfkhTpdkuYa0Ig9g12AjuiNTNq5knB8Na%2FuBqT5ranTO89z4ZbeVIiLC2ZTS5VMmidRNO3iIF5oRDpOoRBSm0f0u4kXA%2FMjpVhs0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8ae9326aaad15d88-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 05 Aug 2024 19:29:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7pwBU74Tl%2Bzkl6oFg%2BaOeQ%2ForAhlPnHkI7wWJVUnGWt6kZvqAsowrLiym5ARLPSFOjU162I749CDpK3AvF0IOpHStXCYxTX%2BF2nIa1paq1FfEK4pUf%2FJiVk1anzu8iYNVRWjRKXi"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8ae932649a9e5d88-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072635249/ 42 B
64 B 141ms
76ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072635249/?random=1510255843&cv=9&fst=1722886175218&num=1&value=0&label=HmgvCP-C9QIQ8bq8_wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Finfo.hearandplay.com%2Feartutor%2F&tiba=Ear%20Tutor%20Video%20%7C&capi=1&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI49Pdk8vehwMVeztVCB1LbwceMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL2luZm8uaGVhcmFuZHBsYXkuY29tLw

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Aug 2024 19:29:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 292634490891502 Show response
connect.facebook.net/signals/config/ 66 KB
13 KB 109ms
86ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/292634490891502?v=2.9.164&r=stable&domain=info.hearandplay.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f176f94bc6ee88dee15de11b0c55f6d6a406957e756748c44e951e606468c2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 05 Aug 2024 19:29:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 26
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=3, c=34, mss=1297, tbw=64401, tp=-1, tpl=-1, uplat=49, ullat=0
pragma: public
x-fb-debug: 382zKrCtIB4wxJSSXEMOembHxqLmFu4Ol+r/VSj/Lich2yHt8AB3FljOLMW8triO/znC/rCxPs/Jq/2iyDOvdQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 175ms
24ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=292634490891502&ev=PageView&dl=https%3A%2F%2Finfo.hearandplay.com%2Feartutor%2F&rl=&if=false&ts=1722886175965&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722886175961.341998277390262758&ler=empty&cdl=API_unavailable&it=1722886175670&coo=false&rqm=GET

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=1, c=10, mss=1297, tbw=2819, tp=-1, tpl=-1, uplat=0, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 05 Aug 2024 19:29:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 327ms
171ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=292634490891502&ev=PageView&dl=https%3A%2F%2Finfo.hearandplay.com%2Feartutor%2F&rl=&if=false&ts=1722886175965&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722886175961.341998277390262758&ler=empty&cdl=API_unavailable&it=1722886175670&coo=false&rqm=FGET

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x6c53f905b75db7d6","source_keys":["1","2"]}],"aggregatable_values":{"1":10922,"2":0},"filters":{"2":["24:8612565805436160","24:6031798876895335","24:4488711891186448","7830:8612565805436160","7830:6031798876895335","7830:4488711891186448","10853:8612565805436160","10853:6031798876895335","10853:4488711891186448","41:8612565805436160","41:6031798876895335","41:4488711891186448","8046:8612565805436160","8046:6031798876895335","8046:4488711891186448"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 05 Aug 2024 19:29:36 GMT
x-fb-server-load: 39
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399739782411675300", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=1, c=10, mss=1297, tbw=3137, tp=-1, tpl=-1, uplat=154, ullat=0
pragma: no-cache
x-fb-debug: FCZRvueIIiGa3kNIieakiu2XsFsB4cBWgeiJ/yXW+sBc+wSIazZ2hXMh7uz5xkpkxy9sgevSk1pMCnx5UHnwbQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399739782411675300"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 28001090.js Show response
bat.bing.com/p/action/ 335 B
402 B 92ms
85ms Script
application/javascript 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/28001090.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e6eae0251ff9d9602e618bd779c3c7234b243fb71da5afa4e502443e9c007bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 05 Aug 2024 19:29:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9A17302C98D84566B1A5401A63EA0FA4 Ref B: LON212050719031 Ref C: 2024-08-05T19:29:35Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 204 0
bat.bing.com/action/ 0
179 B 57ms
20ms Image
text/plain 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=28001090&Ver=2&mid=2bc72328-2157-4abb-9d70-e2d934cfb7f6&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Ear%20Tutor%20Video%20%7C&p=https%3A%2F%2Finfo.hearandplay.com%2Feartutor%2F&r=&lt=3352&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=522253

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Aug 2024 19:29:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4D3216BB83EF43988C66377C28E25D3D Ref B: LON212050719031 Ref C: 2024-08-05T19:29:36Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 8ae93252cb7c5d88 Show response
info.hearandplay.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 50CA 0
683 B 89ms
78ms XHR
text/plain 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.hearandplay.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ae93252cb7c5d88
Requested by: Host: info.hearandplay.com
URL: https://info.hearandplay.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Aug 2024 19:29:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6YxK4zy9VL0KF1ceW0%2F%2BHfXLGD3xGGwT0a7Kd1zutSnE7o%2Bq1eWRz2dMoWFMNLfBVnK9F6EE1KKUOWtqnM%2BFeWZZGtH3lK3Pctah%2FtimBxo4vdFnY30JHT36bjZyXwdjP9g4Jd1m"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8ae9326dce645d88-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 websiteTriggerIframe
hearandplay.infusionsoft.app/app/webTracking/ Frame FC03 0
0 398ms
211ms Document
text/html 2606:4700::6812:1feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hearandplay.infusionsoft.app/app/webTracking/websiteTriggerIframe

Requested by

Host: hearandplay.infusionsoft.com
URL: https://hearandplay.infusionsoft.com/app/webTracking/getTrackingCode?trackingId=f64dcb4668d2e4edbe77b1468123f543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1feb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://info.hearandplay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8ae932720a412c27-FRA
content-encoding: gzip
content-language: de-DE
content-type: text/html;charset=UTF-8
date: Mon, 05 Aug 2024 19:29:37 GMT
expires: Mon, 05 Aug 2024 19:29:37 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
beacon-v2.helpscout.net/ 458 B
902 B 202ms
10ms Script
application/javascript 143.204.215.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/

Requested by

Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-6.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

992480f2372e7e8936911137328e7a424956a94549050cbb61180e31f33247ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:27:49 GMT
content-encoding: gzip
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA53-C1
age: 109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 326
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Aug 2024 08:38:29 GMT
server: AmazonS3
etag: "417c1f8d99bc161f2e06d07b4eb37357"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=120, s-maxage=120, public
accept-ranges: bytes
x-amz-cf-id: 5WG6qw6jNslWa8KYYq82kWHubesm8v5Pv5LEvtswboKkLf8rrhPhVA==

POST
H3 204 rum Show response
info.hearandplay.com/cdn-cgi/ 0
144 B 84ms
50ms XHR
text/plain 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Mon, 05 Aug 2024 19:29:37 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://info.hearandplay.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8ae93270da765d88-FRA

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
28 KB 208ms
35ms Script
text/javascript 2600:9000:2644:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: info.hearandplay.com
URL: https://info.hearandplay.com/eartutor/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02b5db103f24a7395fa2623b371ea764e2948337147de780911dc2fcdec49458

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: fsiDuzy5vys3wCM7hYlFnR.TBXHQSKgT
Content-Encoding: gzip
Via: 1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
Date: Mon, 05 Aug 2024 19:14:52 GMT
Age: 886
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 04 Jul 2024 15:21:58 GMT
Server: AmazonS3
Etag: W/"c3ca7e6129306d41ac549ab4c252c99b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: _7CBKxKL6krZBuDeMP-tGT_d8ncKPDXurKlVsMVnNyj7iua0o4iiGg==

GET
H2 200 vendor.5fe8f3bc.js Show response
beacon-v2.helpscout.net/static/js/ 62 KB
23 KB 22ms
21ms Script
application/javascript 143.204.215.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/static/js/vendor.5fe8f3bc.js

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-6.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c615d03cee52e9673053fd8588d0e124a318245eb3e831e8f3a9204c6d3c99f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:47:50 GMT
content-encoding: gzip
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA53-C1
age: 6107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22572
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 26 Jul 2024 17:26:38 GMT
server: AmazonS3
etag: "a3d10a46a82feffc1fa974df28b56f57"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: AEvj13_5MljQu9BQZv9yB1z6rzs53112lsxbTdgFEAh-UUnEFXxITQ==

GET
H2 200 main.ddc6d8d6.js Show response
beacon-v2.helpscout.net/static/js/ 31 KB
13 KB 32ms
32ms Script
application/javascript 143.204.215.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/static/js/main.ddc6d8d6.js

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-6.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9fa02332e26a86f2561fda8191abbfa308cda997a44f8c6aaf7a5b10a64e3b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:47:50 GMT
content-encoding: gzip
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA53-C1
age: 6107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12421
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Aug 2024 08:38:29 GMT
server: AmazonS3
etag: "265485c7ab8090f2557d87d07c4defe1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: rTKp4GHf4rpmK2GutzOAy2PXffPNIIScUnvv1eg4OB53JsOjX-IXDg==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/6SDFSZUURJHEVEPXCEPRBW/IA65MQKO6VBQFN3VR7DSZW/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

15ms
13ms

Script
application/javascript

2600:9000:2644:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:2644:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Mon, 05 Aug 2024 06:38:03 GMT
Via: 1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
Age: 46295
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: GdnnnJ8VC7yRTr7k5uoCgW4_bHXhdfFZv-TZ_piB1VMNkv-SIoktBQ==

Redirect headers

Date: Mon, 05 Aug 2024 08:00:40 GMT
Via: 1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
Age: 41336
X-Amz-Cf-Pop: FRA60-P6
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: dKGqbg1mTjPk4TMgVsPYxI7WYoVHEpZoR_D_s-9rGKa2-tq_pfB_Hg==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/6SDFSZUURJHEVEPXCEPRBW/IA65MQKO6VBQFN3VR7DSZW/ 0
809 B 65ms
15ms Script
text/javascript 2600:9000:2644:9200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/6SDFSZUURJHEVEPXCEPRBW/IA65MQKO6VBQFN3VR7DSZW/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:9200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: Nj1RbzFA0ZLe67ZecxBs6lgauuvclqdh
Date: Mon, 05 Aug 2024 18:47:20 GMT
Via: 1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
Age: 2538
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 24 Jul 2024 11:54:12 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: arCkBCmPXsPks6FUErNKEpzXrS9BRpbBCDNlikUpD2XhQZwUbT71gg==

GET
H2 200 8c8f48ed-cd78-427f-a465-43eb0afa07ad Show response
d3hb14vkzrxvla.cloudfront.net/v1/ 8 KB
9 KB 134ms
128ms XHR
application/json 13.32.23.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/8c8f48ed-cd78-427f-a465-43eb0afa07ad

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/vendor.5fe8f3bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.23.227 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-23-227.fra56.r.cloudfront.net

Software

Resource Hash

554d94e267f28eea2047a90811e40cfe5df5ccf7f2ebdf552d55aad8ffb6c93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

correlationId: 58416211-2bb5-49aa-aa0b-bf24cccbd71c
Helpscout-Release: 2.2.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Beacon-Device-ID: a0821f52-67a1-4758-9549-5ee8174916c8
Referer: https://info.hearandplay.com/
Beacon-Device-Instance-ID: 80508435-b0d7-4b3c-9ef8-a993735b0924
Helpscout-Origin: Beacon-Embed

Response headers

date: Mon, 05 Aug 2024 19:29:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-ratelimit-remaining-ai-ask-hour: 25
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
vary: Origin,Access-Control-Request-Method
content-type: application/json
access-control-allow-origin: https://info.hearandplay.com
x-ratelimit-remaining-general-minute: 60
access-control-expose-headers: Resource-ID
cache-control: max-age=300
access-control-allow-credentials: true
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-limit-ai-ask-hour: 25
x-amz-cf-id: -OrXup3z6REszaietX8v6qaidpcPBVOpnmkdHwox1zbtO7syId9_Zw==
x-ratelimit-limit-chat-tokens-hour: 25

GET
H2 200 6SDFSZUURJHEVEPXCEPRBW Show response
d.adroll.com/consent/check/ 578 B
671 B 461ms
42ms Script
application/javascript 2a05:d018:cc3:fe05:631e:1560:b06d:b3c3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/6SDFSZUURJHEVEPXCEPRBW?pv=31209428095.023872&arrfrr=https%3A%2F%2Finfo.hearandplay.com%2Feartutor%2F&_s=11783b092fb845bc7c3f641f10684e14&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:631e:1560:b06d:b3c3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: dbca32baf103bff9a15b4b94a1c2401671b438c64122c3bc3827b376801bc92b

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:38 GMT
server: nginx/1.22.1
content-length: 578
content-type: application/javascript

OPTIONS
H2 200 8c8f48ed-cd78-427f-a465-43eb0afa07ad
d3hb14vkzrxvla.cloudfront.net/v1/ Frame 0
0 442ms
107ms Preflight 13.32.23.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/8c8f48ed-cd78-427f-a465-43eb0afa07ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.23.227 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-23-227.fra56.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: beacon-device-id,beacon-device-instance-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method: GET
Origin: https://info.hearandplay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: beacon-device-id, beacon-device-instance-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods: GET
access-control-allow-origin: https://info.hearandplay.com
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length: 0
date: Mon, 05 Aug 2024 19:29:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-id: -FNy6edUGqvgawv-q1TiJkps4TBx7q_tlBJ954tjbygBhGitST2ZbA==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-ratelimit-limit-ai-ask-hour: 25
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-general-minute: 60
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-ai-ask-hour: 25
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-remaining-general-minute: 60
x-ratelimit-remaining-identify-hour: 25

GET
H2

200

spacer.gif
hearandplay.infusionsoft.app/slices/
Redirect Chain

https://hearandplay.infusionsoft.app/app/webTracking/contact/1722886175289?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=info.hearandplay.com&location=https://info.hearan...
https://hearandplay.infusionsoft.app/slices/spacer.gif

43 B
395 B

255ms
205ms

Image
image/gif

2606:4700::6812:1feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hearandplay.infusionsoft.app/slices/spacer.gif

Protocol

Server

2606:4700::6812:1feb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://localhost:10239 http://local.infusiontest.com:10239 https://local.infusiontest.com:10239 https://app.intg.infusiontest.com https://app.stge.infusiontest.com https://app.infusionsoft.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://info.hearandplay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:38 GMT
content-security-policy: frame-ancestors 'self' http://localhost:10239 http://local.infusiontest.com:10239 https://local.infusiontest.com:10239 https://app.intg.infusiontest.com https://app.stge.infusiontest.com https://app.infusionsoft.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
content-encoding: gzip
via: 1.1 google
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Aug 2024 10:34:14 GMT
server: cloudflare
etag: W/"43-1722854054212"
vary: accept-encoding
content-type: image/gif;charset=UTF-8
cache-control: public, max-age=31554000
cf-ray: 8ae93276dcfc4d5e-FRA
expires: Wed, 06 Aug 2025 00:29:38 GMT

Redirect headers

pragma: no-cache, no-cache
date: Mon, 05 Aug 2024 19:29:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
via: 1.1 google
vary: accept-encoding
location: /slices/spacer.gif
cache-control: no-cache, no-store, no-cache, no-store
cf-ray: 8ae932756b114d5e-FRA
x-xss-protection: 1; mode=block
expires: Mon, 05 Aug 2024 19:29:38 GMT, -1

GET
H3 200 favicon.ico
info.hearandplay.com/wp-content/uploads/2013/08/ 318 B
649 B 75ms
74ms Other
image/x-icon 172.67.74.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.hearandplay.com/wp-content/uploads/2013/08/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d80c01c368cde548f2226d2920e0a7e5a78feecfae90de83e9d29d66c52608

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.hearandplay.com/eartutor/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 19:29:39 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 38477
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 24 Aug 2013 02:02:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=niNFjbV1dES%2BRYEegZE8cmcZWlB%2Fkl%2BWdG1SjuiIF%2FVShnl8xxX1tkKiFIlW2LSKahQkv1qlBmz4Vfvyf9oLgJfltHVDqyaQvxEKV1NlMf%2FeOwScWGr09OJHB09gA1FWN3ciRCx%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8ae9327c18bf5d88-FRA
expires: Mon, 12 Aug 2024 08:48:22 GMT

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.info.hearandplay.com/	1970-01-21 07:21:48	Name: _vwo_uuid_v2 Value: D462CC1278CFF561443917CA494CEA4E0\|3aaa8c6c7d3633d1dc924dfb0fa726a0
info.hearandplay.com/	1970-01-21 08:10:46	Name: __utma Value: 1.530399838.1722886175.1722886175.1722886175.1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: hj4-61IEcQw
.youtube.com/	1970-01-21 02:53:58	Name: VISITOR_INFO1_LIVE Value: TdYSq8hghPA
.youtube.com/	1970-01-21 02:53:58	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgRA%3D%3D
info.hearandplay.com/	1969-12-31 23:59:59	Name: __utmc Value: 1
info.hearandplay.com/	1970-01-21 02:57:34	Name: __utmz Value: 1.1722886175.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
info.hearandplay.com/	1970-01-20 22:34:46	Name: __utmt Value: 1
info.hearandplay.com/	1970-01-20 22:34:47	Name: __utmb Value: 1.1.10.1722886175
.infusionsoft.com/	1970-01-20 22:34:47	Name: __cf_bm Value: 2o5QkgcYUo7ge04cd9IkT3wGtul_wUvdNsbPRN2sEpE-1722886175-1.0.1.1-witnTqIX9dEks_9DtfPl7q6L8fkqjw.SCynB_7T04TLJK33lPLhducGo7ILgv9S8xcnz3GbALQL2evNuU9EqRw
info.hearandplay.com/	1970-01-21 08:10:46	Name: _ga Value: GA1.1.530399838.1722886175
info.hearandplay.com/	1970-01-20 22:36:12	Name: _gid Value: GA1.1.116122726.1722886175
.hearandplay.com/	1970-01-21 00:44:22	Name: _gcl_au Value: 1.1.264516414.1722886175
.doubleclick.net/	1970-01-20 22:34:47	Name: test_cookie Value: CheckForPermission
.hearandplay.com/	1970-01-21 00:44:22	Name: _fbp Value: fb.1.1722886175961.341998277390262758
.hearandplay.com/	1970-01-21 07:20:22	Name: _hjSessionUser_634621 Value: eyJpZCI6IjZjMDljMzEyLWYxNjAtNTUxYS1iNWM0LTVlYTU4ZTEzMTYzNSIsImNyZWF0ZWQiOjE3MjI4ODYxNzYxNjgsImV4aXN0aW5nIjpmYWxzZX0=
.hearandplay.com/	1970-01-20 22:34:47	Name: _hjSession_634621 Value: eyJpZCI6IjU0MmE4YTQ1LTkxZDItNDdiMy04MDcwLTc2MTI1NGZkYTI5NCIsImMiOjE3MjI4ODYxNzYxNjksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.hearandplay.com/	1970-01-21 07:20:22	Name: cf_clearance Value: 2ADgjpHYD0oZh.xo.7ddlOV5sqUBpylkhEweo14Q.Yk-1722886176-1.0.1.1-2Q2.KS6OreGRxvUPtY6H2ykKFHmr6AUkRTefE8Jdspt6Vz7d62tc3tB5cUI_AoSodNnqbghQGFoVlnZXSBjp4g
hearandplay.infusionsoft.app/	1970-01-21 07:20:22	Name: InfusionsoftTrackingCookie Value: c55fe2f47ed65e65f83bac7f8d6080b5
.infusionsoft.app/	1970-01-21 07:20:22	Name: cf_clearance Value: otEKF3upW3.0Wzej037LZpVMOnjL2zTUnVZKgMH5_NA-1722886178-1.0.1.1-GgI.hbffwlxRo9J2mUpJjiT_wHH3cUUcu0i77bpGRXCkAZ9UZBpC31ZUbkH94mYGGYKv7jAXLUV0wRUxoZMMoA
.infusionsoft.app/	1970-01-20 22:34:47	Name: __cf_bm Value: _8XGmbwIMVSMsQtbk5sFRGgVuVNF.LrONQIiusaO0vw-1722886178-1.0.1.1-7OfJkt8SdH6xHgHuWfJ8DzLOdIZMm4gSZbwFcmigP8ykwbL1N9wrTEGPivcAjdK1fvbmb0uCjS2Dg5UBvCwLHreUupSWHB0PID9RPKwr.Lw

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://info.hearandplay.com/eartutor/(Line 29) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=25240&url=https%3A%2F%2Finfo.hearandplay.com%2Feartutor%2F&random=0.7636814291626866, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://info.hearandplay.com/eartutor/(Line 29) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=25240&url=https%3A%2F%2Finfo.hearandplay.com%2Feartutor%2F&random=0.7636814291626866, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://info.hearandplay.com/eartutor/(Line 355) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://info.hearandplay.com/eartutor/(Line 355) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
beacon-v2.helpscout.net
connect.facebook.net
d.adroll.com
d3hb14vkzrxvla.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hearandplay.infusionsoft.app
hearandplay.infusionsoft.com
info.hearandplay.com
s.adroll.com
script.hotjar.com
ssl.google-analytics.com
static.cloudflareinsights.com
static.hotjar.com
www.eartutor.com
www.facebook.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
13.32.23.227
13.33.187.109
142.250.186.98
143.204.215.6
172.67.74.215
18.66.102.11
216.58.206.34
2600:9000:2644:9200:6:9280:1080:93a1
2606:4700::6810:4f49
2606:4700::6812:1feb
2606:4700::6812:78f
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:813::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:829::200a
2a01:111:202c::237
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a05:d018:cc3:fe05:631e:1560:b06d:b3c3
3.33.251.168
34.96.102.137
007b9f1ea1d3fd62e5b9d31706811725cb40749d6ccaf1a720827fe91ce3fba0
02b5db103f24a7395fa2623b371ea764e2948337147de780911dc2fcdec49458
11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13c5d672a26ed35aa291a6aa89d87ceb703d430b9c6e918b5cd2749414539c4d
199dc1bb1476d54a8139904162b68dbd07594e340feac8a1cc259b333e5950e2
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f176f94bc6ee88dee15de11b0c55f6d6a406957e756748c44e951e606468c2f
25228c7807e2a558826ce98bd91ca5f2f82a0082e0e2b3e1c062effde7672443
2ba2c61b37a8354320518231c24d79f03e9306757d10a29d84ab37de2003d1cd
2ce1c74d2e4611f9c734676a588a47a97c6c3c7371343c81cc4d34a92264e9cb
37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38
39a3918176714f2220d15bb83b7e51ad497142f36a16cddb4f7bb57ec5157e20
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
554d94e267f28eea2047a90811e40cfe5df5ccf7f2ebdf552d55aad8ffb6c93c
5d8fe2d13a0a9cf39b14cbedf0a90870c1fd1cfb53603ed3bab03616285a9c82
6589e5fc1e34b95a7c355d417d7a71753897da51f1e2fc633a64da450b701da6
692f6f364bbd9accd6866c67deb823580f463e1b7ea1fc81071abc2d5015ad26
6a5594c19479570feef18e77458d69d8b7bbd6d0bc75860398b57d1853f4932c
6c89cab42e124cd564e3d00526719bff6a6786c4baaf0dbeb63e715784b56914
733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
8318e492225ca187685441a3da3d626350a4b3225cb427f2696f89d9fb525a09
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
94f80c87390a84a3761860b1ce0764da77bb81d6f11cb3d059339148589aaf5c
992480f2372e7e8936911137328e7a424956a94549050cbb61180e31f33247ff
9fa02332e26a86f2561fda8191abbfa308cda997a44f8c6aaf7a5b10a64e3b1f
9fc50f584a10af076a32d6f760dce5bf10d93cb40cfa7dd18cb5e349f6322ff3
a6d80c01c368cde548f2226d2920e0a7e5a78feecfae90de83e9d29d66c52608
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
acfe70fe83a8ff11be0c6a83d125eee02007701da72a83adfdd1a5612cef3137
b0af94ebc69db5bc772f8ed84262a9ec9903b634c90bf16e98f3b5657666d721
b4ab723ba9966877bf53479c660b17312eb0253be9cf474f02e829b35e88460a
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c615d03cee52e9673053fd8588d0e124a318245eb3e831e8f3a9204c6d3c99f2
cbe76dc85109820be5bd51c6468c9d4b12cd587807aede996a37d85e79aa2f10
cce226c7e41d46ba430a15939132319a6e632e78a683b06f2cd21b49b45fcec1
d16400e6b2166cf4a5b37b2216cde40c8637e6693cf623abbee9f8cd21a7dc33
d32e70c6c3a4ff7f26958e4b8e4174f431428e7bf6510160b2657fe17b19a5bf
d523a3d1c1de051b11ecc17709cdf490fd2c4caf10f13417e2c74569ad6d79fd
d599b033a9d032e9c833bee96a36c1b13e2bd451b47ea778e787c2b32837264b
d9160bf5ee2c9435a62c8b1d991b7f419417cab5d5a37eefcee79767a292b4b7
dbca32baf103bff9a15b4b94a1c2401671b438c64122c3bc3827b376801bc92b
dc8e02e4c8cbc847c79e57f90b4255e2d1fdc8938b8f63455eb8187f0981e6f9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6eae0251ff9d9602e618bd779c3c7234b243fb71da5afa4e502443e9c007bd4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f762a58f151203f0f45407ca1ad076a77adaa276c0fc55ccb4dbffc93aba5030
fee229982b7fc656f15dcd65b57a0ad868d5a4aef350eff7828a92de4044ef05

info.hearandplay.com Open in urlscan Pro 172.67.74.215 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

95 %HTTPS

61 %IPv6

20 Domains

23 Subdomains

22 IPs

4 Countries

2073 kBTransfer

3874 kBSize

21 Cookies

1 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

info.hearandplay.com Open in urlscan Pro
172.67.74.215 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

95 %
HTTPS

61 %
IPv6

20
Domains

23
Subdomains

22
IPs

4
Countries

2073 kB
Transfer

3874 kB
Size

21
Cookies

64 HTTP transactions
0 data transactions