affiliates.gohighlevel.com Open in urlscan Pro
2606:4700::6812:16d5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://affiliates.gohighlevel.com/
Effective URL:
https://affiliates.gohighlevel.com/
Submission Tags: falconsandbox
Submission: On August 04 via api (August 4th 2024, 10:50:02 pm UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 44 HTTP transactions. The main IP is 2606:4700::6812:16d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is affiliates.gohighlevel.com.
TLS certificate: Issued by WE1 on July 9th 2024. Valid for: 3 months.

This is the only time affiliates.gohighlevel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700::68... 2606:4700::6812:16d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.46.86 18.245.46.86	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:266... 2600:9000:266e:5c00:1e:b6b6:9ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	18.245.46.32 18.245.46.32	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	13.107.246.60 13.107.246.60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:806::2016	15169 (GOOGLE) (GOOGLE)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
44	19

13 2606:4700::6812:16d5 (United States)

ASN13335 (CLOUDFLARENET, US)

affiliates.gohighlevel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-86.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:5c00:1e:b6b6:9ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.firstpromoter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-32.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	gohighlevel.com affiliates.gohighlevel.com	298 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 c.clarity.ms — Cisco Umbrella Rank: 1838 o.clarity.ms — Cisco Umbrella Rank: 12757	28 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 534 c.bing.com — Cisco Umbrella Rank: 341	17 KB
4	gstatic.com fonts.gstatic.com	75 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	398 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	75 KB
2	stripe.com js.stripe.com — Cisco Umbrella Rank: 2856	155 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 117	5 KB
1	firstpromoter.com cdn.firstpromoter.com — Cisco Umbrella Rank: 65150	2 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 84
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
44	14

	Domain	Requested by
13	affiliates.gohighlevel.com	affiliates.gohighlevel.com static.cloudflareinsights.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	affiliates.gohighlevel.com www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com affiliates.gohighlevel.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.facebook.com	affiliates.gohighlevel.com
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	affiliates.gohighlevel.com connect.facebook.net
2	js.stripe.com	affiliates.gohighlevel.com js.stripe.com
1	o.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	i.ytimg.com	affiliates.gohighlevel.com
1	cdn.firstpromoter.com	affiliates.gohighlevel.com
1	www.youtube.com	affiliates.gohighlevel.com
1	static.cloudflareinsights.com	affiliates.gohighlevel.com
1	fonts.googleapis.com	affiliates.gohighlevel.com
44	18

This site contains no links.

Subject Issuer	Validity	Valid
affiliates.gohighlevel.com WE1	`2024-07-09` - `2024-10-07`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-07-23` - `2024-10-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.firstpromoter.com Amazon RSA 2048 M03	`2023-11-21` - `2024-12-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-14` - `2024-08-12`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
edgestatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://affiliates.gohighlevel.com/
Frame ID: 180D9AA70BC11BEFA187CC845143E082
Requests: 45 HTTP requests in this frame

Frame: https://www.youtube.com/embed/w5Rvbbx3Mao?autoplay=1&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: 74B1B6D08353B691001E3D55851CF03F
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 3D56F8DBF9650530024F49A63FE73218
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HighLevel - Affiliate link

Page URL History Show full URLs

http://affiliates.gohighlevel.com/ HTTP 307
https://affiliates.gohighlevel.com/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

44
Requests

98 %
HTTPS

72 %
IPv6

14
Domains

18
Subdomains

19
IPs

3
Countries

1086 kB
Transfer

3181 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://affiliates.gohighlevel.com/ HTTP 307
https://affiliates.gohighlevel.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=EC0417FA11944BABA38D76D7674A033A&RedC=c.clarity.ms&MXFR=21F2B7CEC0586D053E85A31FC45863AA HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EC0417FA11944BABA38D76D7674A033A&MUID=16CD8001E81B6BEA111594D0E91B6A68

44 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
affiliates.gohighlevel.com/
Redirect Chain

http://affiliates.gohighlevel.com/
https://affiliates.gohighlevel.com/

124 KB
24 KB

236ms
212ms

Document
text/html

2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliates.gohighlevel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1573c274939f605badaf4619e86e485d05710e1453376336e241205d4a5855aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8ae21a85aaef1c7f-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 22:49:57 GMT
server: cloudflare
vary: Accept-Encoding
x-cloud-trace-context: e33320d0d7dbb338ad91b86c991a094d
x-powered-by: Express

Redirect headers

Location: https://affiliates.gohighlevel.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 / Show response
js.stripe.com/v3/ 634 KB
155 KB 37ms
8ms Script
text/javascript 18.245.46.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-86.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e941e7c2c88f18a1a36d0cb58e9196e42cdc3e93d9f798a430cbf65cbb53d6f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:11 GMT
content-encoding: br
via: 1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 47
x-amz-cf-pop: FRA56-P9
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Aug 2024 21:58:41 GMT
server: Cloudfront
etag: W/"377b7b7410510b02a0911f1ca8793557"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 8cFhRmb9gEBEEXUdOkG-1dpLJUPf-_jdJeSGMmkfgsEFcJ6sRbA6hg==

GET
H2 200 448713b.js Show response
affiliates.gohighlevel.com/_nuxt/ 2 KB
1 KB 200ms
199ms Script
text/javascript 2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliates.gohighlevel.com/_nuxt/448713b.js
Requested by: Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 446ec5b4a0287354841b1caeae88c852da6bfdcd1c8e632d898f25df94413dce

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
etag: "uq6s_A"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: 815d5c3a76435d6d553445ec2f091c8b
cache-control: public, max-age=7200
cf-ray: 8ae21a871c661c7f-FRA
expires: Mon, 05 Aug 2024 00:49:57 GMT

GET
H2 200 415d68f.js Show response
affiliates.gohighlevel.com/_nuxt/ 237 KB
94 KB 223ms
222ms Script
text/javascript 2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliates.gohighlevel.com/_nuxt/415d68f.js
Requested by: Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad82296107760df9f786a7359ac806853d5d113aa6d6c790629923b84bdcf07

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
etag: "uq6s_A"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: 92238b24c6997d5f8b80b66e2a5943c1
cache-control: public, max-age=7200
cf-ray: 8ae21a871c691c7f-FRA
expires: Mon, 05 Aug 2024 00:49:57 GMT

GET
H2 200 ab47ba1.js Show response
affiliates.gohighlevel.com/_nuxt/ 138 KB
43 KB 162ms
161ms Script
text/javascript 2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliates.gohighlevel.com/_nuxt/ab47ba1.js
Requested by: Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497ee27c6f60377464d8322e0340da31ff5cf1c41907e62c23359eb3406bb11f

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
etag: "uq6s_A"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: 71c480fdd86c3110f1564418ee55edfa
cache-control: public, max-age=7200
cf-ray: 8ae21a871c6c1c7f-FRA
expires: Mon, 05 Aug 2024 00:49:57 GMT

GET
H2 200 05465a6.js Show response
affiliates.gohighlevel.com/_nuxt/ 171 KB
46 KB 171ms
170ms Script
text/javascript 2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliates.gohighlevel.com/_nuxt/05465a6.js
Requested by: Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c54966f3b2f23c13c4ebc544804f5314a18e206501b3c0c82e0b1f7d34fb532

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
etag: "uq6s_A"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: 71c480fdd86c3110f1564418ee55edfa
cache-control: public, max-age=7200
cf-ray: 8ae21a871c6d1c7f-FRA
expires: Mon, 05 Aug 2024 00:49:57 GMT

GET
H2 200 2cf981f.js Show response
affiliates.gohighlevel.com/_nuxt/ 12 KB
4 KB 191ms
190ms Script
text/javascript 2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliates.gohighlevel.com/_nuxt/2cf981f.js
Requested by: Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8c4dde1b82b1849a248f22f01def9a2ed14185aa3669b47f8295e2f0d90675e

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
etag: "uq6s_A"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: 815d5c3a76435d6d553445ec2f091c8b
cache-control: public, max-age=7200
cf-ray: 8ae21a871c6e1c7f-FRA
expires: Mon, 05 Aug 2024 00:49:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 42ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Requested by

Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4602b083181bf931b5ab428a4fe12536309c50de41755ec18d12a39d8f09c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Aug 2024 22:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 20:58:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Aug 2024 22:49:57 GMT

GET
H2 200 HighLevel-logo-dark.259e401.png
affiliates.gohighlevel.com/_nuxt/img/ 10 KB
10 KB 180ms
179ms Image
image/png 2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affiliates.gohighlevel.com/_nuxt/img/HighLevel-logo-dark.259e401.png
Requested by: Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17fbe55d2eac74967c38dd9f9ab9db2147496831434ffa01b00c641292bb97a8

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
cf-cache-status: REVALIDATED
server: cloudflare
etag: "uq6s_A"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 71c480fdd86c3110f1564418ee55edfa
cache-control: public, max-age=7200
cf-ray: 8ae21a872c771c7f-FRA
expires: Mon, 05 Aug 2024 00:49:57 GMT

GET
H2 200 laptop.d807f67.png
affiliates.gohighlevel.com/_nuxt/img/ 59 KB
59 KB 212ms
212ms Image
image/png 2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affiliates.gohighlevel.com/_nuxt/img/laptop.d807f67.png
Requested by: Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ff7684bf2a6f46bab27749b8cac51607ad3285c5b8856ebcfc8da8fc4142fa9

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
cf-cache-status: REVALIDATED
server: cloudflare
etag: "uq6s_A"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 815d5c3a76435d6d553445ec2f091c8b
cache-control: public, max-age=7200
cf-ray: 8ae21a872c7a1c7f-FRA
expires: Mon, 05 Aug 2024 00:49:57 GMT

GET
H2 200 HighLevel-logo-white.776133b.png
affiliates.gohighlevel.com/_nuxt/img/ 10 KB
10 KB 185ms
184ms Image
image/png 2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affiliates.gohighlevel.com/_nuxt/img/HighLevel-logo-white.776133b.png
Requested by: Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ed306ef606e05f3cb4761fdea007e14d80d8343a0d025ab92118fb13dbf760d

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
cf-cache-status: REVALIDATED
server: cloudflare
etag: "uq6s_A"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: e6077b86000f74d3c073f6d6e2bca76b
cache-control: public, max-age=7200
cf-ray: 8ae21a87acda1c7f-FRA
expires: Mon, 05 Aug 2024 00:49:57 GMT

GET
H2 200 email-decode.min.js Show response
affiliates.gohighlevel.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 12ms
11ms Script
application/javascript 2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://affiliates.gohighlevel.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jul 2024 21:56:14 GMT
server: cloudflare
etag: W/"66a9617e-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8ae21a87acdd1c7f-FRA
expires: Tue, 06 Aug 2024 22:49:57 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 68ms
47ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://affiliates.gohighlevel.com/
Origin: https://affiliates.gohighlevel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8ae21a87c935a034-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 354 KB
115 KB 46ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WW8CJ4V

Requested by

Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1275a15e24eb4d9365bd04ffa2921bf9a12d62fdcc15e6ac965450bdcd80a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117268
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Aug 2024 22:49:57 GMT

GET
H2 200 w5Rvbbx3Mao
www.youtube.com/embed/ Frame 74B1 0
0 90ms
65ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/w5Rvbbx3Mao?autoplay=1&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://affiliates.gohighlevel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Aug 2024 22:49:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5853227c3b313cf65c5b5f834345e4ffb8c6b181cf9e5317fc24da04f483919e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 404 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13d1a4b5d61053564df4b9c320d790dd611f834e33890645fabf1313887bc1f2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://affiliates.gohighlevel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:52:13 GMT
x-content-type-options: nosniff
age: 266264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:52:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 36ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://affiliates.gohighlevel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:51:11 GMT
x-content-type-options: nosniff
age: 266326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:51:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 32ms
11ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://affiliates.gohighlevel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:49:41 GMT
x-content-type-options: nosniff
age: 266416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:49:41 GMT

GET
DATA 200
OK truncated
/ 732 B
732 B Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1cf74f81fb5eabaaf807b344f76e9e4d0a26c254f1c654bff38ecc92f13585e

Request headers

Referer
Origin: https://affiliates.gohighlevel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://affiliates.gohighlevel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:57:35 GMT
x-content-type-options: nosniff
age: 265942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20144
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:57:35 GMT

GET
H2 200 fprom.js Show response
cdn.firstpromoter.com/ 5 KB
2 KB 58ms
7ms Script
application/javascript 2600:9000:266e:5c00:1e:b6b6:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstpromoter.com/fprom.js
Requested by: Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:5c00:1e:b6b6:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c9c5272136c7ebb6df65a9f5f7e30afe147971ec8d417412e7e5cbc3c51b77c

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 21:22:56 GMT
content-encoding: gzip
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
last-modified: Sun, 16 May 2021 12:18:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 5225
etag: W/"4050b7f2106d3693d62497155108e557"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=7200
x-amz-cf-id: tNJ5vxjdZ9ZT14HJsknFYCN77jmX0ESxk2eyyC-_ynHShy3L4aBAfw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 23ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 04 Aug 2024 22:49:57 GMT
document-policy: force-load-at-top
x-fb-server-load: 19
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2784, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 95lfCQzz/X+lf8Ox9GuqI7ZvwcmHJT3Yl+AcJF/Ow/8M19W511WmP0yuPNmw70pT+AWBLisKFjvQDdj2zPSp8A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 299 KB
101 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HSZW8WNR22&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW8CJ4V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffcd84fda44e78250d7658159a152faa16dfa75f47f9873f36ccf2cebb98464e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103044
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Aug 2024 22:49:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW8CJ4V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Aug 2024 21:15:05 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5692
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 04 Aug 2024 23:15:05 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 269 KB
92 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-813895096&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW8CJ4V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0bd50f053b85a7df372c94aa76b805c734b24bd4a9d159a82dae23717ac9ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94487
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Aug 2024 22:49:57 GMT

GET
H2 200 598563093923086 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 95ms
94ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/598563093923086?v=2.9.164&r=stable&domain=affiliates.gohighlevel.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40716fe3e9847e3029f89d6df5fad45b47aae67cbac5e8c44d0d8b26f6dc7ed2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 04 Aug 2024 22:49:57 GMT
document-policy: force-load-at-top
x-fb-server-load: 18
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=64, mss=1328, tbw=64422, tp=-1, tpl=-1, uplat=87, ullat=0
pragma: public
x-fb-debug: lnSguIiC+WYmdh0Hjee+H/nIz1pNWxzrX9b8TSZhizVvMVYsKXa8o3QmevXJ1orG0/7Ksu/kJQg4eXahvp/rIQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 99ms
32ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW8CJ4V

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 04 Aug 2024 22:49:57 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8AB50FD0F894E1FA0046DA3D3ECD406 Ref B: FRAEDGE1808 Ref C: 2024-08-04T22:49:57Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
215 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=576525316&t=pageview&_s=1&dl=https%3A%2F%2Faffiliates.gohighlevel.com%2F&ul=de-de&de=UTF-8&dt=HighLevel%20-%20Affiliate%20link&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=98420794&gjid=1504902652&cid=413594914.1722811798&tid=UA-115177999-1&_gid=954951740.1722811798&_r=1&_slc=1&gtm=45He47v0n81WW8CJ4Vv810868787za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753&npa=1&z=743643558

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 22:49:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://affiliates.gohighlevel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 41ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HSZW8WNR22&gtm=45je47v0v886251662z8810868787za200zb810868787&_p=1722811797698&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=413594914.1722811798&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1722811797&sct=1&seg=0&dl=https%3A%2F%2Faffiliates.gohighlevel.com%2F&dt=HighLevel%20-%20Affiliate%20link&en=page_view&_fv=1&_ss=1&tfd=540
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HSZW8WNR22&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 22:49:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://affiliates.gohighlevel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 690137b.js Show response
affiliates.gohighlevel.com/_nuxt/ 5 KB
2 KB 201ms
201ms Script
text/javascript 2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliates.gohighlevel.com/_nuxt/690137b.js
Requested by: Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/_nuxt/448713b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e57c34e5e0352c94790fc0f876ec37020851ca3cc0bfab79ea126bfff63ddcb

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:58 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
etag: "uq6s_A"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: eec5c903b55efcf3be03307360bd16e8
cache-control: public, max-age=7200
cf-ray: 8ae21a88eda81c7f-FRA
expires: Mon, 05 Aug 2024 00:49:58 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=576525316&t=pageview&_s=1&dl=https%3A%2F%2Faffiliates.gohighlevel.com%2F&dp=affiliate-frontend&ul=de-de&de=UTF-8&dt=HighLevel%20-%20Affiliate%20link&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=1824546895&gjid=824887329&cid=413594914.1722811798&tid=UA-115177999-2&_gid=954951740.1722811798&_r=1&_slc=1&z=1828430430

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5440e6b7020d83291d0316775b88cfc908b1ae8076d5ad54b3036acd0ca4b795

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 22:49:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://affiliates.gohighlevel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 3D56 0
0 19ms
7ms Document
text/html 18.245.46.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-32.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://affiliates.gohighlevel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1285
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 22:28:33 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Mon, 29 Jul 2024 20:02:37 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
x-amz-cf-id: SaEnPglmg_zb9rjLMtXozv8I140J_BJTtSYHnLUfi6Rk4R8RBnKMAA==
x-amz-cf-pop: FRA56-P9
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
90 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MX6Z1X7L8K&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76cd5ce6ad269000ca5678775b63be1a97248bd0c0abfe4247b74a58f5da74bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91797
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Aug 2024 22:49:57 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 44ms
11ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=598563093923086&ev=PageView&dl=https%3A%2F%2Faffiliates.gohighlevel.com%2F&rl=&if=false&ts=1722811797975&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1722811797973.107308093629539113&cs_est=true&ler=empty&cdl=API_unavailable&it=1722811797809&coo=false&tm=1&rqm=GET

Requested by

Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2810, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 04 Aug 2024 22:49:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 203ms
170ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=598563093923086&ev=PageView&dl=https%3A%2F%2Faffiliates.gohighlevel.com%2F&rl=&if=false&ts=1722811797975&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1722811797973.107308093629539113&cs_est=true&ler=empty&cdl=API_unavailable&it=1722811797809&coo=false&tm=1&rqm=FGET

Requested by

Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5a738998f29fe2ef","source_keys":["1","2"]}],"aggregatable_values":{"1":10922,"2":0},"filters":{"2":["24:6721816404547390","24:6192322427469867","7830:6721816404547390","7830:6192322427469867","10853:6721816404547390","10853:6192322427469867","41:6721816404547390","41:6192322427469867","8046:6721816404547390","8046:6192322427469867"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 04 Aug 2024 22:49:58 GMT
x-fb-server-load: 25
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399420331014071810", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3127, tp=-1, tpl=-1, uplat=163, ullat=0
pragma: no-cache
x-fb-debug: /Tbh2/3FFnuRD+5Q3La/lmkq9SjQeSAVFr8RgGGKdPxAVBFdjwppX1UmCgreoDvzVTMy94YkMui/mkytj++nAA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399420331014071810"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 355016951.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 35ms
35ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/355016951.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

710f14ea997bd4a16a919e0fa0d2e72e3907ae71014cc6344ff899c0cbe797ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 04 Aug 2024 22:49:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 53D7CF1A400341E19F88764F9FA64441 Ref B: FRAEDGE1808 Ref C: 2024-08-04T22:49:57Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 355016951 Show response
www.clarity.ms/tag/uet/ 980 B
1 KB 782ms
181ms Script
application/x-javascript 13.107.246.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/355016951
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/355016951.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6c55051d23221133fb547d8817ce8b5f39f08a36441739525b6aa3ef79cab6bb

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date: Sun, 04 Aug 2024 22:49:58 GMT
x-azure-ref: 20240804T224958Z-17c6d98bfb4k5ll7u74c1tdh4400000002bg00000000fd90
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 980
expires: -1

GET
H2 204 0
bat.bing.com/action/ 0
177 B 32ms
31ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=355016951&tm=gtm002&Ver=2&mid=e43e7abd-e8e9-4ef9-bebb-7d37278e67e4&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=HighLevel%20-%20Affiliate%20link&p=https%3A%2F%2Faffiliates.gohighlevel.com%2F&r=&lt=582&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=486399

Requested by

Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 04 Aug 2024 22:49:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 170F12BCC45B4950B1D1D3937F6E97E2 Ref B: FRAEDGE1808 Ref C: 2024-08-04T22:49:58Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 14ms
13ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MX6Z1X7L8K&gtm=45je47v0v9122605147za200&_p=1722811797698&gcd=13l3l3l2l2&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&ul=de-de&sr=1600x1200&cid=413594914.1722811798&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Faffiliates.gohighlevel.com%2F&dp=affiliate-frontend&dt=HighLevel%20-%20Affiliate%20link&sid=1722811798&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=700
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MX6Z1X7L8K&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 22:49:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://affiliates.gohighlevel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mqdefault.webp
i.ytimg.com/vi_webp/w5Rvbbx3Mao/ 5 KB
5 KB 42ms
15ms Other
image/webp 2a00:1450:4001:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://i.ytimg.com/vi_webp/w5Rvbbx3Mao/mqdefault.webp

Requested by

Host: affiliates.gohighlevel.com
URL: https://affiliates.gohighlevel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1f9d5db38c6abfe86fb284c94babf5df299d821689c8338ba98fb6f3df6a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:58 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5072
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Aug 2024 00:49:58 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.41/ 62 KB
26 KB 82ms
81ms Script
application/javascript 13.107.246.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.41/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/355016951
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:58 GMT
content-encoding: br
last-modified: Thu, 01 Aug 2024 19:54:07 GMT
etag: W/"0x8DCB263B4239D88"
vary: Accept-Encoding
x-azure-ref: 20240804T224958Z-17c6d98bfb4k5ll7u74c1tdh4400000002bg00000000fd97
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 5adb8338-101e-0065-59b7-e4809f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=EC0417FA11944BABA38D76D7674A033A&RedC=c.clarity.ms&MXFR=21F2B7CEC0586D053E85A31FC45863AA
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EC0417FA11944BABA38D76D7674A033A&MUID=16CD8001E81B6BEA111594D0E91B6A68

42 B
442 B

88ms
88ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EC0417FA11944BABA38D76D7674A033A&MUID=16CD8001E81B6BEA111594D0E91B6A68
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 22:49:58 GMT
last-modified: Thu, 01 Aug 2024 17:45:27 GMT
server: Microsoft-IIS/10.0
etag: "43fd8f983ae4da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 04 Aug 2024 22:49:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 128409FA8CE64BDFA0E1E841736179CB Ref B: FRAEDGE1808 Ref C: 2024-08-04T22:49:59Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EC0417FA11944BABA38D76D7674A033A&MUID=16CD8001E81B6BEA111594D0E91B6A68
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 rum Show response
affiliates.gohighlevel.com/cdn-cgi/ 0
172 B 15ms
13ms XHR
text/plain 2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://affiliates.gohighlevel.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 04 Aug 2024 22:49:59 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://affiliates.gohighlevel.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8ae21a8fcbd61c7f-FRA

GET
H2 200 favicon.ico
affiliates.gohighlevel.com/favicon/ 15 KB
3 KB 248ms
248ms Other
image/vnd.microsoft.icon 2606:4700::6812:16d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliates.gohighlevel.com/favicon/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77874bb2bb4bb3542e061fbeee2016b76cfbd02ef404c568cb048a21e7879ff8

Request headers

Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 22:49:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
etag: "uq6s_A"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
x-cloud-trace-context: 34b106812896e060e6a6b2761c7026a6
cache-control: public, max-age=7200
cf-ray: 8ae21a8fcbdc1c7f-FRA
expires: Mon, 05 Aug 2024 00:49:59 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
290 B 449ms
198ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://affiliates.gohighlevel.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://affiliates.gohighlevel.com
Date: Sun, 04 Aug 2024 22:49:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ekwdUuVUOew
.youtube.com/	1970-01-21 02:52:43	Name: VISITOR_INFO1_LIVE Value: BTPm92Lpoio
.youtube.com/	1970-01-21 02:52:43	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgIg%3D%3D
.gohighlevel.com/	1970-01-21 00:43:07	Name: _gcl_au Value: 1.1.897765633.1722811798
.gohighlevel.com/	1970-01-20 22:34:58	Name: _gid Value: GA1.2.954951740.1722811798
.gohighlevel.com/	1970-01-20 22:33:31	Name: _gat_UA-115177999-1 Value: 1
.gohighlevel.com/	1970-01-21 08:09:31	Name: _ga Value: GA1.2.413594914.1722811798
.gohighlevel.com/	1970-01-20 22:33:31	Name: _gat Value: 1
.gohighlevel.com/	1970-01-21 08:09:31	Name: _ga_HSZW8WNR22 Value: GS1.1.1722811797.1.0.1722811797.0.0.0
.gohighlevel.com/	1970-01-21 00:43:07	Name: _fbp Value: fb.1.1722811797973.107308093629539113
.gohighlevel.com/	1970-01-21 08:09:31	Name: _ga_MX6Z1X7L8K Value: GS1.2.1722811798.1.0.1722811798.0.0.0
m.stripe.com/	1970-01-21 08:09:31	Name: m Value: 3c9c97c0-f61d-438b-a73a-b5bfda3d3154fdb104
.affiliates.gohighlevel.com/	1970-01-21 07:19:07	Name: __stripe_mid Value: 4d8013ad-ca21-475a-adca-0430c02e68c4d9407f
.affiliates.gohighlevel.com/	1970-01-20 22:33:33	Name: __stripe_sid Value: 786d92a4-d33f-4d1f-9a76-1ae77b05a9e84e4b14
www.clarity.ms/	1970-01-21 07:19:07	Name: CLID Value: 43029e82a1c94b098bf9a48cc292e60e.20240804.20250804
.gohighlevel.com/	1970-01-21 07:19:07	Name: _clck Value: 10kiqdx%7C2%7Cfo1%7C0%7C1677
.bing.com/	1970-01-21 07:55:07	Name: MUID Value: 16CD8001E81B6BEA111594D0E91B6A68
.c.bing.com/	1970-01-20 22:43:36	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:55:07	Name: SRM_B Value: 16CD8001E81B6BEA111594D0E91B6A68
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:55:07	Name: MUID Value: 16CD8001E81B6BEA111594D0E91B6A68
.c.clarity.ms/	1970-01-20 22:43:36	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:33:32	Name: ANONCHK Value: 0
.gohighlevel.com/	1970-01-20 22:34:58	Name: _clsk Value: 1164hgz%7C1722811799545%7C1%7C1%7Co.clarity.ms%2Fcollect

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://affiliates.gohighlevel.com/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliates.gohighlevel.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.firstpromoter.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
i.ytimg.com
js.stripe.com
o.clarity.ms
region1.google-analytics.com
static.cloudflareinsights.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
13.107.246.60
13.74.129.1
18.245.46.32
18.245.46.86
2001:4860:4802:34::36
2600:9000:266e:5c00:1e:b6b6:9ac0:93a1
2606:4700::6810:5049
2606:4700::6812:16d5
2620:1ec:c11::237
2a00:1450:4001:806::2016
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2008
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
52.152.143.207
13d1a4b5d61053564df4b9c320d790dd611f834e33890645fabf1313887bc1f2
1573c274939f605badaf4619e86e485d05710e1453376336e241205d4a5855aa
17fbe55d2eac74967c38dd9f9ab9db2147496831434ffa01b00c641292bb97a8
1c9c5272136c7ebb6df65a9f5f7e30afe147971ec8d417412e7e5cbc3c51b77c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
40716fe3e9847e3029f89d6df5fad45b47aae67cbac5e8c44d0d8b26f6dc7ed2
446ec5b4a0287354841b1caeae88c852da6bfdcd1c8e632d898f25df94413dce
497ee27c6f60377464d8322e0340da31ff5cf1c41907e62c23359eb3406bb11f
4c1f9d5db38c6abfe86fb284c94babf5df299d821689c8338ba98fb6f3df6a98
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
5440e6b7020d83291d0316775b88cfc908b1ae8076d5ad54b3036acd0ca4b795
5853227c3b313cf65c5b5f834345e4ffb8c6b181cf9e5317fc24da04f483919e
5ad82296107760df9f786a7359ac806853d5d113aa6d6c790629923b84bdcf07
5ff7684bf2a6f46bab27749b8cac51607ad3285c5b8856ebcfc8da8fc4142fa9
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
6c55051d23221133fb547d8817ce8b5f39f08a36441739525b6aa3ef79cab6bb
6e57c34e5e0352c94790fc0f876ec37020851ca3cc0bfab79ea126bfff63ddcb
6ed306ef606e05f3cb4761fdea007e14d80d8343a0d025ab92118fb13dbf760d
710f14ea997bd4a16a919e0fa0d2e72e3907ae71014cc6344ff899c0cbe797ab
76cd5ce6ad269000ca5678775b63be1a97248bd0c0abfe4247b74a58f5da74bd
77874bb2bb4bb3542e061fbeee2016b76cfbd02ef404c568cb048a21e7879ff8
7c54966f3b2f23c13c4ebc544804f5314a18e206501b3c0c82e0b1f7d34fb532
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b1275a15e24eb4d9365bd04ffa2921bf9a12d62fdcc15e6ac965450bdcd80a18
c8c4dde1b82b1849a248f22f01def9a2ed14185aa3669b47f8295e2f0d90675e
d0bd50f053b85a7df372c94aa76b805c734b24bd4a9d159a82dae23717ac9ac7
d1cf74f81fb5eabaaf807b344f76e9e4d0a26c254f1c654bff38ecc92f13585e
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e941e7c2c88f18a1a36d0cb58e9196e42cdc3e93d9f798a430cbf65cbb53d6f2
f4602b083181bf931b5ab428a4fe12536309c50de41755ec18d12a39d8f09c52
ffcd84fda44e78250d7658159a152faa16dfa75f47f9873f36ccf2cebb98464e

affiliates.gohighlevel.com Open in urlscan Pro 2606:4700::6812:16d5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

72 %IPv6

14 Domains

18 Subdomains

19 IPs

3 Countries

1086 kBTransfer

3181 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

affiliates.gohighlevel.com Open in urlscan Pro
2606:4700::6812:16d5 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

72 %
IPv6

14
Domains

18
Subdomains

19
IPs

3
Countries

1086 kB
Transfer

3181 kB
Size

24
Cookies

44 HTTP transactions
3 data transactions