www.petersons.com Open in urlscan Pro
52.87.95.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qa-dantes-auth.petersons.com/
Effective URL:
https://www.petersons.com/
Submission: On November 10 via automatic, source certstream-suspicious (November 10th 2021, 12:35:12 am UTC) — Scanned from DE

Summary HTTP 52 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 52 HTTP transactions. The main IP is 52.87.95.65, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.petersons.com.
TLS certificate: Issued by Amazon on August 17th 2021. Valid for: a year.

This is the only time www.petersons.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6810:b8f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 29	52.87.95.65 52.87.95.65	14618 (AMAZON-AES) (AMAZON-AES)
11	2600:9000:215... 2600:9000:2156:5000:4:d54d:1f40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.98.93 143.204.98.93	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.45 143.204.98.45	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
1	54.78.108.238 54.78.108.238	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.62 143.204.98.62	16509 (AMAZON-02) (AMAZON-02)
1	52.212.239.19 52.212.239.19	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:ae07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	13

1 2606:4700::6810:b8f8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qa-dantes-auth.petersons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 52.87.95.65 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-95-65.compute-1.amazonaws.com

petersons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.petersons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2156:5000:4:d54d:1f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

dist.petersons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-45.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.108.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-62.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.239.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-239-19.eu-west-1.compute.amazonaws.com

ws1.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ae07 (United States)

ASN13335 (CLOUDFLARENET, US)

sibforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	petersons.com 2 redirects qa-dantes-auth.petersons.com petersons.com www.petersons.com dist.petersons.com	4 MB
5	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com ws1.hotjar.com	63 KB
3	bing.com bat.bing.com	11 KB
1	sibforms.com sibforms.com	198 KB
1	hotjar.io vc.hotjar.io	256 B
1	google-analytics.com www.google-analytics.com	20 KB
1	googletagmanager.com www.googletagmanager.com
1	cloudflare.com cdnjs.cloudflare.com	2 KB
52	8

	Domain	Requested by
28	www.petersons.com	www.petersons.com
11	dist.petersons.com	www.petersons.com
3	bat.bing.com	www.petersons.com bat.bing.com
1	sibforms.com	www.petersons.com
1	ws1.hotjar.com	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	www.google-analytics.com	www.petersons.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.petersons.com
1	www.googletagmanager.com	www.petersons.com
1	cdnjs.cloudflare.com	www.petersons.com
1	petersons.com	1 redirects
1	qa-dantes-auth.petersons.com	1 redirects
52	15

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
twitter.com
www.facebook.com
www.youtube.com
support.petersons.com

Subject Issuer	Validity	Valid
petersons.com Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.petersons.com/
Frame ID: F220BBB120E877DE719CEA172C007621
Requests: 51 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Frame ID: 657F865F04F52DA780C5BF525B082521
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Test Prep | College Finder | Scholarship Search

Page URL History Show full URLs

https://qa-dantes-auth.petersons.com/ HTTP 302
https://petersons.com/ HTTP 301
https://www.petersons.com/ Page URL

Page Statistics

52
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

15
Subdomains

13
IPs

3
Countries

4410 kB
Transfer

10722 kB
Size

12
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/app/petersons-test-prep/id1547771930

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.petersons.testprep

Search URL Search Domain Scan URL

URL: https://twitter.com/Petersons

Search URL Search Domain Scan URL

URL: https://www.facebook.com/petersons?ref=bookmarks

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7nEhBBUJjeArRQUIQc8Dkg

Search URL Search Domain Scan URL

URL: https://support.petersons.com/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qa-dantes-auth.petersons.com/ HTTP 302
https://petersons.com/ HTTP 301
https://www.petersons.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.petersons.com/
Redirect Chain

https://qa-dantes-auth.petersons.com/
https://petersons.com/
https://www.petersons.com/

13 KB
5 KB

313ms
312ms

Document
text/html

52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-95-65.compute-1.amazonaws.com

Software

nginx/1.21.3 / PHP/8.0.12

Resource Hash

32d0d50731dc222b992fa5b36cf4cf6e83db66860c466e676f80a195e19c88af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 10 Nov 2021 00:35:02 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.21.3
x-powered-by: PHP/8.0.12
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip

Redirect headers

server: awselb/2.0
date: Wed, 10 Nov 2021 00:35:01 GMT
content-type: text/html
content-length: 134
location: https://www.petersons.com:443/

GET
H2 200 Roboto-Medium.ttf
dist.petersons.com/fonts/Roboto/ 165 KB
165 KB 57ms
9ms Font
binary/octet-stream 2600:9000:2156:5000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/fonts/Roboto/Roboto-Medium.ttf
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ac8e03606ffa4c37f61a6510a2080f1f37a7054f4726c214887d3b23f72e369

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:20:47 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
vary: Origin
age: 76456
x-cache: Hit from cloudfront
content-length: 168644
last-modified: Tue, 20 Jul 2021 12:56:34 GMT
server: AmazonS3
etag: "b2d307df606f23cb14e6483039e2b7fa"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: D39-NFLpXHunhISOF8CVQrqHWvvtdvQ8Lynw5uxJDF0c4IjhIXckwQ==

GET
H2 200 Roboto-Bold.ttf
dist.petersons.com/fonts/Roboto/ 163 KB
164 KB 57ms
10ms Font
binary/octet-stream 2600:9000:2156:5000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/fonts/Roboto/Roboto-Bold.ttf
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: baf44ce81636cc927fc27768437e5da853bac699e8aaf832d042f0dfed29b4b4

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:20:48 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
vary: Origin
age: 76455
x-cache: Hit from cloudfront
content-length: 167336
last-modified: Tue, 20 Jul 2021 12:56:33 GMT
server: AmazonS3
etag: "9ece5b48963bbc96309220952cda38aa"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: GLLbawb1piZgjylSGGnj-HNOnnYOuN1k7o_Y4FyfcIsKW-KbH8I_Ig==

GET
H2 200 XRXW3I6Li01BKofAnsSUYevI.woff2
dist.petersons.com/fonts/nunito/fonts/ 19 KB
20 KB 57ms
10ms Font
binary/octet-stream 2600:9000:2156:5000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/fonts/nunito/fonts/XRXW3I6Li01BKofAnsSUYevI.woff2
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ebe0d0cda485f842adbf592d4d2094643513984876a517a97e7d726df2b7ece

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:37:10 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
vary: Origin
age: 2195873
x-cache: Hit from cloudfront
content-length: 19700
last-modified: Thu, 19 Dec 2019 00:06:26 GMT
server: AmazonS3
etag: "895205e22ad7d4d866df7102352077cd"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: HWBWSoqVLZZujzk_sNANg4MfQOeGZIC0egv7U-oLcL2BOfKcZFoHCA==

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
dist.petersons.com/fonts/nunito/fonts/ 20 KB
20 KB 58ms
11ms Font
binary/octet-stream 2600:9000:2156:5000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/fonts/nunito/fonts/XRXV3I6Li01BKofINeaB.woff2
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1536408aa8d8caad5b9506d222ab47db8e2905e8237349a4b74391628b77a50

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 12:34:38 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
vary: Origin
age: 2808025
x-cache: Hit from cloudfront
content-length: 19976
last-modified: Thu, 19 Dec 2019 00:05:44 GMT
server: AmazonS3
etag: "de6068bf97f40206af0b062e262e6213"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: S43kvmkymGB8Hj96GIqtrrCiR9mTy6tjBDDBsZiu6ELsKKpoqlSAIQ==

GET
H2 200 XRXW3I6Li01BKofA6sKUYevI.woff2
dist.petersons.com/fonts/nunito/fonts/ 20 KB
20 KB 64ms
17ms Font
binary/octet-stream 2600:9000:2156:5000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/fonts/nunito/fonts/XRXW3I6Li01BKofA6sKUYevI.woff2
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c4836be5dda1e3ae2c7afa062c782edd7fe8d738aa27ba95360d0db4b2005e8

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:37:10 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
vary: Origin
age: 2195873
x-cache: Hit from cloudfront
content-length: 20084
last-modified: Thu, 19 Dec 2019 00:05:56 GMT
server: AmazonS3
etag: "b10ecee279e3a8d11d5ec3193b68d8bf"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Wbpm5v53I2QOfFY-DtzrznACx_qXMlk8P_F-l58piEgqgUDK_XyYBA==

GET
H2 200 XRXW3I6Li01BKofAjsOUYevI.woff2
dist.petersons.com/fonts/nunito/fonts/ 20 KB
20 KB 57ms
10ms Font
binary/octet-stream 2600:9000:2156:5000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/fonts/nunito/fonts/XRXW3I6Li01BKofAjsOUYevI.woff2
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21c7835df52d38758b6c23bdc5a1190fe967de40ad19fdbfc64075a79afe8041

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 14:37:10 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
vary: Origin
age: 2195873
x-cache: Hit from cloudfront
content-length: 20128
last-modified: Thu, 19 Dec 2019 00:06:11 GMT
server: AmazonS3
etag: "91ae827aa880d02ea567979add1da58c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 9zPVY0lb4rp4oFKaJCICAD1cxuSExmnK6zU4KnQSEdy04kfxvzUGBQ==

GET
H2 200 fontello.woff2
dist.petersons.com/fonts/fontello/fonts/ 3 KB
3 KB 58ms
11ms Font
binary/octet-stream 2600:9000:2156:5000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/fonts/fontello/fonts/fontello.woff2
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 819a5a9c231bb866dd29c127758be5dd6d0c54e26e83efffe6a118d930174e6f

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:06:32 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
vary: Origin
age: 77311
x-cache: Hit from cloudfront
content-length: 3120
last-modified: Thu, 02 Jan 2020 21:45:50 GMT
server: AmazonS3
etag: "7e14cf9a737ad61203789ed8163e072d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: H1kIMWRWB5PKXM8ysR2leMNSydS7_lPyfP3iy0Gx9PxOCHwdBEQlAA==

GET
H2 200 lozad.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lozad.js/1.16.0/ 3 KB
2 KB 35ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lozad.js/1.16.0/lozad.min.js

Requested by

Host: www.petersons.com
URL: https://www.petersons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 101819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1086
timing-allow-origin: *
last-modified: Sun, 06 Sep 2020 11:22:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f54c66a-c17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlVup2So3%2FWOHIT7oVJ8f9mBKZE%2Bw9Dysfi8sM0AzoXbhfN6UQH3n4hCxB7m34w77U8x9QHebN7Y8c3QmIR4DWmoOmcG252MqOL3WbHSSGpBVSekCH2uOVLg59mNZcdKAACPGn%2Bq76DXYSPXkf%2FcnWvy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6abb32d3ddc14e14-FRA
expires: Mon, 31 Oct 2022 00:35:02 GMT

GET
H2 200 smartbanner.min.js Show response
dist.petersons.com/js/ 13 KB
4 KB 46ms
9ms Script
application/javascript 2600:9000:2156:5000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/js/smartbanner.min.js
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 682a17f0b5673976fc1af4c8c54b0941bb4b8f7c46745f56a33f8cc7ada4a2cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:06:37 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 13:38:39 GMT
server: AmazonS3
age: 77306
etag: W/"aa5aa71f62c948ebfc0ebff1675a1c36"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nc8Z-Cqm92aTlrZHlyqKTu4OX0rwychdVyBYHWcyP8vAVlgb_riHtw==

GET
H2 200 app.js Show response
www.petersons.com/js/ 317 KB
103 KB 262ms
261ms Script
application/javascript 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petersons.com/js/app.js?id=e94e1405559c33a904e9
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 9ea20a7806a7a629a473588de98bf00fc85ebc9b3e456c564b9f0425cbf7f596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:02 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 13:08:55 GMT
server: nginx/1.21.3
etag: W/"61892167-4f25d"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
expires: Fri, 10 Dec 2021 00:35:02 GMT

GET
H2 200 index.js Show response
www.petersons.com/new/ 317 KB
95 KB 262ms
261ms Script
application/javascript 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petersons.com/new/index.js?id=56c589d3ef7e88e294ec
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: a924409969a6307f081757237e7fd0127aa79fec1312c04f924df5c121304ac4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:02 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: W/"61892159-4f32f"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
expires: Fri, 10 Dec 2021 00:35:02 GMT

GET
H2 200 header.js Show response
www.petersons.com/new/ 488 KB
122 KB 106ms
106ms Script
application/javascript 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petersons.com/new/header.js?id=005ea452fcd4cb594b88
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 7c9617f0e01379eb1b4bd734aff92dd38cc1281fb243994d4f173e4b1a9220d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:02 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: W/"61892159-79f90"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
expires: Fri, 10 Dec 2021 00:35:02 GMT

GET
H2 200 footer.js Show response
www.petersons.com/new/ 239 KB
55 KB 262ms
261ms Script
application/javascript 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petersons.com/new/footer.js?id=35c338e303c5c1e055cf
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 232ae4e313785f220ee9979190fd3e8faaf009eaa28a5dc6151f6dacfa250471

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:02 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: W/"61892159-3bda7"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
expires: Fri, 10 Dec 2021 00:35:02 GMT

GET
H2 200 nunito.min.css
dist.petersons.com/fonts/nunito/css/ 1 KB
630 B 47ms
10ms Stylesheet
text/css 2600:9000:2156:5000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/fonts/nunito/css/nunito.min.css
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e40389f878f50865466a79dcef78a1c001ccb8c24ff07aa8b85a07b86011e2cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 10:19:06 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 00:05:11 GMT
server: AmazonS3
age: 2211357
etag: W/"67134f4407faad199175495f4c1a723a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ip8pmtioN-yx_IRTXk2ra7sFSEX3JjZ4kpD11m0jkki8TRlkeampmQ==

GET
H2 200 fontello.min.css
dist.petersons.com/fonts/fontello/css/ 922 B
1 KB 47ms
10ms Stylesheet
text/css 2600:9000:2156:5000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/fonts/fontello/css/fontello.min.css
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d796a9681529bcd30f2b5721d36310a98c6583eda35f7fa0b9be9a38700b83db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:55:29 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Fri, 03 Jan 2020 16:47:21 GMT
server: AmazonS3
age: 74374
etag: "c1ce0861f2f87f7d41c31ae3964b41bc"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 922
x-amz-cf-id: WDUTmo_XTV-sFKZgzV_vMx81MudXlsHRm4LTxJ7zzQq3kuYUvsdrRQ==

GET
H2 200 smartbanner.min.css
dist.petersons.com/css/ 3 KB
1 KB 46ms
9ms Stylesheet
text/css 2600:9000:2156:5000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/css/smartbanner.min.css
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 111d5349381a9e8f6e2fb551a06de98feb7b7957ba1eff38443f9e696519683b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 06:32:16 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 13:39:47 GMT
server: AmazonS3
age: 69287
etag: W/"3eef0e2bb5662f5d01c4d4d2cca64768"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tLvVJksA2JSG50oQHTYnrZE7PLvk1fOrarysdOqw4WPHIPyP7bHPKQ==

GET
H2 200 gtm.js
www.googletagmanager.com/ 15 KB
0 991ms
193ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5LVGLH7

Requested by

Host: www.petersons.com
URL: https://www.petersons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:35:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67073
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Nov 2021 00:35:03 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 35 KB
10 KB 70ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:35:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:40:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A1E11D810724049882F098FFBCB80C3 Ref B: FRAEDGE1313 Ref C: 2021-11-10T00:35:02Z
etag: "08933ecd9d0d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10202

GET
H2 200 hotjar-1205644.js Show response
static.hotjar.com/c/ 4 KB
2 KB 66ms
42ms Script
application/javascript 143.204.98.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1205644.js?sv=6

Requested by

Host: www.petersons.com
URL: https://www.petersons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-93.fra50.r.cloudfront.net

Software

Resource Hash

763f40d3516ee0551955c24b1dd9d51c80816f9ab544255f69e95589444eb5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/a7cc3930b3a740bc345f86baa4a2702e
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1950
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-id: LADdkRbD-0Ch2-6divRhDfoSrgTasQpw1A2RoFPd1QJ3mzAeJG4qhg==

GET
H2 200 modules.d4630e91cffbd6b56a37.js Show response
script.hotjar.com/ 222 KB
59 KB 42ms
10ms Script
application/javascript 143.204.98.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1205644.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-45.fra50.r.cloudfront.net

Software

Resource Hash

dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:04:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124203
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 59861
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 08:24:59 GMT
etag: "fe2e85deda154f5a6e0e0112bec8a18c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: UBOzguI9hWz7-RxLDWf3LucnvFlVtOr1YkVbGvPE7he1uLOwjBKvQw==

GET
H2 204 56334870.js Show response
bat.bing.com/p/action/ 0
93 B 132ms
132ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/56334870.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Nov 2021 00:35:02 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F129C3B4BA74BDE876995CFBE7312EA Ref B: FRAEDGE1313 Ref C: 2021-11-10T00:35:02Z
x-cache: CONFIG_NOCACHE

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 1416ms
875ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.petersons.com
URL: https://www.petersons.com/new/header.js?id=005ea452fcd4cb594b88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2037
date: Wed, 10 Nov 2021 00:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 10 Nov 2021 02:01:06 GMT

GET
H2 200 is-logged Show response
www.petersons.com/ 56 B
954 B 422ms
422ms XHR
application/json 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.petersons.com/is-logged

Requested by

Host: www.petersons.com
URL: https://www.petersons.com/new/header.js?id=005ea452fcd4cb594b88

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-95-65.compute-1.amazonaws.com

Software

nginx/1.21.3 / PHP/8.0.12

Resource Hash

bceca204ef507572fc0db3b666b8288784372735b20b072ac387e052ff59d9c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.petersons.com/
X-XSRF-TOKEN: eyJpdiI6IkVRc0RjL1haSEdMNWtMa0szaVYwbFE9PSIsInZhbHVlIjoiSlhVK21sVFVidzczZm5CdFR6encrQy80NCt5UlNlRGFTM211TDBRVEtFWVo2VENxdlBEVy8vNVNKVStkQWcyRURMc0JuMGxsMnprN2tkNjJveSs4Vy92ZUZOQUdqYVQ1UHE0RXZ3SHp6TDhJRThtSHZhd1h2Y016b1JvSEpObzMiLCJtYWMiOiI2MGM0NmE4YjIzZWRlYjFkZDdlNGJhNGU3ZTZkOWZlMzFiNzZkZGE5Mzc2MjY0YzBiMzNkOGYyNDRjYjAyYjY5IiwidGFnIjoiIn0=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:35:03 GMT
x-content-type-options: nosniff
server: nginx/1.21.3
x-powered-by: PHP/8.0.12
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 Roboto-Medium.ttf
www.petersons.com/new/fonts/Roboto/ 165 KB
165 KB 98ms
97ms Font
application/octet-stream 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petersons.com/new/fonts/Roboto/Roboto-Medium.ttf
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 4ac8e03606ffa4c37f61a6510a2080f1f37a7054f4726c214887d3b23f72e369

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:02 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-292c4"
content-type: application/octet-stream
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 168644
expires: Fri, 10 Dec 2021 00:35:02 GMT

GET
H2 200 Roboto-Bold.ttf
www.petersons.com/new/fonts/Roboto/ 163 KB
164 KB 114ms
113ms Font
application/octet-stream 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petersons.com/new/fonts/Roboto/Roboto-Bold.ttf
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: baf44ce81636cc927fc27768437e5da853bac699e8aaf832d042f0dfed29b4b4

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:02 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-28da8"
content-type: application/octet-stream
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 167336
expires: Fri, 10 Dec 2021 00:35:02 GMT

GET
H2 200 fontello.woff2
www.petersons.com/new/fonts/Fontello/ 5 KB
5 KB 113ms
113ms Font
font/woff2 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petersons.com/new/fonts/Fontello/fontello.woff2?17271532
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 995082248b00dbe01d0619ebbef582858248c9f741bab46f3eaf8e66480779de

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:02 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-1498"
content-type: font/woff2
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5272
expires: Fri, 10 Dec 2021 00:35:02 GMT

GET
H2 200 NunitoSans-Regular.ttf
www.petersons.com/new/fonts/NunitoSans/ 89 KB
90 KB 127ms
127ms Font
application/octet-stream 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petersons.com/new/fonts/NunitoSans/NunitoSans-Regular.ttf
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 13ad641781e6dd5f2134fcfc9b1589e3c66902b69ccbb68b74d3bd139c1e324e

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-16544"
content-type: application/octet-stream
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 91460
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 200 Roboto-Regular.ttf
www.petersons.com/new/fonts/Roboto/ 164 KB
165 KB 101ms
100ms Font
application/octet-stream 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petersons.com/new/fonts/Roboto/Roboto-Regular.ttf
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481

Request headers

Referer: https://www.petersons.com/
Origin: https://www.petersons.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-29144"
content-type: application/octet-stream
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 168260
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 200 hero-image.png
www.petersons.com/new/images/pages/home/ 509 KB
510 KB 112ms
110ms Image
image/png 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.petersons.com/new/images/pages/home/hero-image.png
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 8318a91e558506df17a7a89c5fdee0f27145982d3692c152642eb4ef865675a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-7f569"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 521577
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 200 flashcard.gif
www.petersons.com/new/images/pages/home/ 1 MB
1 MB 99ms
98ms Image
image/gif 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.petersons.com/new/images/pages/home/flashcard.gif
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 78688676db5a114e6bdc268151665df859d530aae85c5249c6a148e437833a2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-126f67"
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1208167
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 200 app-store.png
www.petersons.com/new/images/pages/home/ 1 KB
1 KB 265ms
264ms Image
image/png 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.petersons.com/new/images/pages/home/app-store.png
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: cfc88f6d53103b57ceba4b4889a8787ff3ea0cfff1809e6d5b9d42a43e9225e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-4d4"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1236
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 200 google-play.png
www.petersons.com/new/images/pages/home/ 2 KB
2 KB 188ms
187ms Image
image/png 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.petersons.com/new/images/pages/home/google-play.png
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 87a95cdb8d9473560db35a49f5a364199c3de55a058581bbb081a7d05518966e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-900"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2304
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 200 gale-logo.svg
www.petersons.com/new/images/pages/home/ 5 KB
5 KB 182ms
182ms Image
image/svg+xml 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.petersons.com/new/images/pages/home/gale-logo.svg
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 4613d557e48d629b93641f9157252846cd892aac57c4c5cf8c76c925bbe0058e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-122f"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4655
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 200 military-com-logo.svg
www.petersons.com/new/images/pages/home/ 2 KB
2 KB 106ms
105ms Image
image/svg+xml 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.petersons.com/new/images/pages/home/military-com-logo.svg
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: d4b79f448f265f30c339b00bdc15626a880793d7ce284deb27c2c58879fede8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-835"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2101
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 200 kiplinger-logo.svg
www.petersons.com/new/images/pages/home/ 1 KB
2 KB 99ms
96ms Image
image/svg+xml 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.petersons.com/new/images/pages/home/kiplinger-logo.svg
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: adfe6346eeffd540e838d17511202121d75758f0fc9686fefe298529b8a2035c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-589"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1417
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 200 money-logo.svg
www.petersons.com/new/images/pages/home/ 1 KB
2 KB 100ms
97ms Image
image/svg+xml 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.petersons.com/new/images/pages/home/money-logo.svg
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 36dba47f28504cd5147c557de355284b27650d3fb33200498125ad6b023f0519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-51c"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1308
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 200 prometric-logo.svg
www.petersons.com/new/images/pages/home/ 10 KB
11 KB 100ms
97ms Image
image/svg+xml 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.petersons.com/new/images/pages/home/prometric-logo.svg
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 8e7de05ec48a08f2b8c826f8c5caaa6b360abd0860abeb1aac51ad1a08481729

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-2963"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10595
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 200 3.js Show response
www.petersons.com/new/ 455 B
707 B 105ms
102ms Script
application/javascript 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petersons.com/new/3.js?id=6276dedd0c47ce13e96a
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/new/index.js?id=56c589d3ef7e88e294ec
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: 46e4898d81d55cf2df6d963e0a30738cfdee016672941e22f21066e44a6de365

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-1c7"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 455
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 200 video-courses.gif
www.petersons.com/new/images/pages/home/ 923 KB
924 KB 107ms
104ms Image
image/gif 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.petersons.com/new/images/pages/home/video-courses.gif
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-95-65.compute-1.amazonaws.com
Software: nginx/1.21.3 /
Resource Hash: ecb6a2c56ac39e3877babab568ab6b566f078f8f10285d9977a250b9335b0f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 00:35:03 GMT
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-e6a70"
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 944752
expires: Fri, 10 Dec 2021 00:35:03 GMT

GET
H2 204 0
bat.bing.com/action/ 0
150 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56334870&Ver=2&mid=d84797e9-64dd-4161-ac38-ad667c619b94&sid=0b49ea1041be11ec94045da7ec66ee12&vid=0b49fb3041be11ecaf780fb6ba9b56e1&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Test%20Prep%20%7C%20College%20Finder%20%7C%20Scholarship%20Search&p=https%3A%2F%2Fwww.petersons.com%2F&r=&lt=1643&evt=pageLoad&msclkid=N&sv=1&rn=536927
Requested by: Host: www.petersons.com
URL: https://www.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 00:35:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 47D77C5A4429490CA82C0B5EC6A1FB9C Ref B: FRAEDGE1313 Ref C: 2021-11-10T00:35:03Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-d09a446edefba0dcce5d5143e1840e9a.html Show response
vars.hotjar.com/ Frame 657F 2 KB
1 KB 90ms
13ms Document
text/html 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1205644.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: /
Resource Hash: 69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/

Response headers

content-type: text/html
content-length: 1044
date: Mon, 08 Nov 2021 14:05:11 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "63e08f928469ab67d9dac30c065ed182"
last-modified: Mon, 01 Nov 2021 08:24:59 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qWTYTB6Taof_6-qDKaMNH1Z1eNH6YI9AA_UVecqrcEsKxUZsd-6AwA==
age: 124192

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1205644/ 146 B
323 B 173ms
35ms XHR
application/json 54.78.108.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1205644/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.108.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243

Request headers

Referer: https://www.petersons.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 10 Nov 2021 00:35:03 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1205644 Show response
vc.hotjar.io/sessions/ 0
256 B 162ms
36ms XHR
text/plain 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1205644?s=0.25&r=0.2307419524888321
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:35:03 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 0By5wjxev3NWyXfUIezrz3bY3ghaS7T93yHrfVI7MPE7Wv25E4lnug==

POST
H/1.1 200
OK content Show response
ws1.hotjar.com/api/v2/sites/1205644/recordings/ 66 B
396 B 664ms
427ms XHR
application/json 52.212.239.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws1.hotjar.com/api/v2/sites/1205644/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.239.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-239-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0e6b5759ad9e25fb34c2ba130b18a263a04135deacb1a4f5f5beb1024ddcc1f6

Request headers

Referer: https://www.petersons.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Wed, 10 Nov 2021 00:35:03 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 206 best-in-class.mp4
www.petersons.com/new/images/pages/home/ 76 KB
0 257ms
256ms Media
video/mp4 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.petersons.com/new/images/pages/home/best-in-class.mp4

Requested by

Host: www.petersons.com
URL: https://www.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-95-65.compute-1.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.petersons.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 10 Nov 2021 00:35:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-6103c0"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 0-6357951/6357952
Content-Length: 6357952
x-xss-protection: 1; mode=block

GET
H2 206 best-in-class.mp4
www.petersons.com/new/images/pages/home/ 65 KB
65 KB 384ms
384ms Media
video/mp4 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.petersons.com/new/images/pages/home/best-in-class.mp4

Requested by

Host: www.petersons.com
URL: https://www.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-95-65.compute-1.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

f243a09b1cc48584a8742470547409531ec30149e912a002157557f9642f5a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.petersons.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=6291456-

Response headers

date: Wed, 10 Nov 2021 00:35:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-6103c0"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 6291456-6357951/6357952
Content-Length: 66496
x-xss-protection: 1; mode=block

GET
H2 206 hero-video.mp4
www.petersons.com/new/images/pages/home/ 68 KB
0 99ms
99ms Media
video/mp4 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.petersons.com/new/images/pages/home/hero-video.mp4

Requested by

Host: www.petersons.com
URL: https://www.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-95-65.compute-1.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.petersons.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 10 Nov 2021 00:35:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-fcb11"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 0-1035024/1035025
Content-Length: 1035025
x-xss-protection: 1; mode=block

GET
H2 206 best-in-class.mp4
www.petersons.com/new/images/pages/home/ 3 MB
0 196ms
196ms Media
video/mp4 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.petersons.com/new/images/pages/home/best-in-class.mp4

Requested by

Host: www.petersons.com
URL: https://www.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-95-65.compute-1.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.petersons.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=65536-

Response headers

date: Wed, 10 Nov 2021 00:35:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-6103c0"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 65536-6357951/6357952
Content-Length: 6292416
x-xss-protection: 1; mode=block

GET
H2 206 hero-video.mp4
www.petersons.com/new/images/pages/home/ 19 KB
19 KB 419ms
418ms Media
video/mp4 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.petersons.com/new/images/pages/home/hero-video.mp4

Requested by

Host: www.petersons.com
URL: https://www.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-95-65.compute-1.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

4b863884619d29ae00e3a4222089cd2b5132605f93fada717f2834eb7c03bd25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.petersons.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=1015808-

Response headers

date: Wed, 10 Nov 2021 00:35:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-fcb11"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 1015808-1035024/1035025
Content-Length: 19217
x-xss-protection: 1; mode=block

GET
H2 206 hero-video.mp4
www.petersons.com/new/images/pages/home/ 947 KB
0 331ms
331ms Media
video/mp4 52.87.95.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.petersons.com/new/images/pages/home/hero-video.mp4

Requested by

Host: www.petersons.com
URL: https://www.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.87.95.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-95-65.compute-1.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.petersons.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=65536-

Response headers

date: Wed, 10 Nov 2021 00:35:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Nov 2021 13:08:41 GMT
server: nginx/1.21.3
etag: "61892159-fcb11"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 65536-1035024/1035025
Content-Length: 969489
x-xss-protection: 1; mode=block

GET
H2 200 main.js Show response
sibforms.com/forms/end-form/build/ 853 KB
198 KB 45ms
18ms Script
application/javascript 2606:4700::6812:ae07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sibforms.com/forms/end-form/build/main.js

Requested by

Host: www.petersons.com
URL: https://www.petersons.com/new/footer.js?id=35c338e303c5c1e055cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ae07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfd81e8bbd2e42a486d2fa0292c4b899cd7b9da21dd25d611b2a86e13f9b25ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5661
x-xss-protection: 1
x-sib-server: SENDINBLUE-srv-pr-rancher-worker-10
last-modified: Mon, 08 Nov 2021 05:49:06 GMT
server: cloudflare
etag: "d55f2-5d0408d05b880-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6abb32eaf85d1f19-FRA
expires: Wed, 10 Nov 2021 04:35:06 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bing.com/	1970-01-20 07:56:40	Name: MUID Value: 20805D5493DE612E01934DBF920C607A
.petersons.com/	1970-01-20 07:20:40	Name: _hjid Value: b32694d0-7dce-4eee-b1e6-ce97c6ad6285
.petersons.com/	1970-01-19 22:35:06	Name: _hjFirstSeen Value: 1
.petersons.com/	1970-01-19 22:36:30	Name: _uetsid Value: 0b49ea1041be11ec94045da7ec66ee12
.petersons.com/	1970-01-20 07:56:40	Name: _uetvid Value: 0b49fb3041be11ecaf780fb6ba9b56e1
www.petersons.com/	1970-01-19 22:35:04	Name: _hjIncludedInPageviewSample Value: 1
.petersons.com/	1970-01-19 22:35:06	Name: _hjAbsoluteSessionInProgress Value: 1
www.petersons.com/	1970-01-19 22:35:04	Name: _hjIncludedInSessionSample Value: 1
www.petersons.com/	1970-01-19 22:35:11	Name: XSRF-TOKEN Value: eyJpdiI6Im83VE9ubzhVOUtsU3NaMXlKR3JXOUE9PSIsInZhbHVlIjoiK0VtL25qOXV2Y0JaT3BuR2JOczkwQ3RVcE5WOXpMSG9NZ3hSb0taL3o0UVZLL2laelRRQXYwSGd2dE05YTJsdWFDaXVWU0FSM2ZRN09ySTNUWGdCQm8vRnVCMWZxTnByZVAxWEtLUFVGdlU1NEp1NUxMVFREcG1VdkVBbXd6NXMiLCJtYWMiOiJhYTI3Y2I3NDY2OThmYjA2MzI2YjdjYmEwMDQxYjg2N2RiZjMyNjU1Yjg1ZGJhOWM1ZjBkMjUxOWVhN2YxNGQxIiwidGFnIjoiIn0%3D
www.petersons.com/	1970-01-19 22:35:11	Name: pcom_session Value: eyJpdiI6IlJLcDVWZFB0T2htdTJjbTcvOW92NFE9PSIsInZhbHVlIjoiOEhNUWdCT2l0QTVIRWVCeC8yNUQ0QlpUWDNnZzJSWDBpVVFBVk8zTjR6QStWZ3lpK2lWMjdQb0J2RWVTSHVBcGkrRG92TlFCNHJqZFRCdnNJenJMMEpsOG1kQkdSY0hYaDhuaDF1MWlsVXVrNitaQmdIVFhHNjRMcURkeXdQam4iLCJtYWMiOiIxYzAyNTYyZmZiNjI2NzZiMTg5MGJiZjIxOGNiYTk5MGRlZDk5Y2YwYTMwY2ExZTZmZTNhMmI4NWI3NmJkMjgwIiwidGFnIjoiIn0%3D
.petersons.com/	1970-01-20 16:06:16	Name: _ga Value: GA1.2.178234368.1636504508
.petersons.com/	1970-01-19 22:36:30	Name: _gid Value: GA1.2.1189245439.1636504508

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdnjs.cloudflare.com
dist.petersons.com
in.hotjar.com
petersons.com
qa-dantes-auth.petersons.com
script.hotjar.com
sibforms.com
static.hotjar.com
vars.hotjar.com
vc.hotjar.io
ws1.hotjar.com
www.google-analytics.com
www.googletagmanager.com
www.petersons.com
143.204.98.123
143.204.98.45
143.204.98.62
143.204.98.93
2600:9000:2156:5000:4:d54d:1f40:93a1
2606:4700::6810:125e
2606:4700::6810:b8f8
2606:4700::6812:ae07
2620:1ec:c11::200
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
52.212.239.19
52.87.95.65
54.78.108.238
0e6b5759ad9e25fb34c2ba130b18a263a04135deacb1a4f5f5beb1024ddcc1f6
111d5349381a9e8f6e2fb551a06de98feb7b7957ba1eff38443f9e696519683b
13ad641781e6dd5f2134fcfc9b1589e3c66902b69ccbb68b74d3bd139c1e324e
1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243
21c7835df52d38758b6c23bdc5a1190fe967de40ad19fdbfc64075a79afe8041
232ae4e313785f220ee9979190fd3e8faaf009eaa28a5dc6151f6dacfa250471
2c4836be5dda1e3ae2c7afa062c782edd7fe8d738aa27ba95360d0db4b2005e8
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481
32d0d50731dc222b992fa5b36cf4cf6e83db66860c466e676f80a195e19c88af
36dba47f28504cd5147c557de355284b27650d3fb33200498125ad6b023f0519
4613d557e48d629b93641f9157252846cd892aac57c4c5cf8c76c925bbe0058e
46e4898d81d55cf2df6d963e0a30738cfdee016672941e22f21066e44a6de365
4ac8e03606ffa4c37f61a6510a2080f1f37a7054f4726c214887d3b23f72e369
4b863884619d29ae00e3a4222089cd2b5132605f93fada717f2834eb7c03bd25
682a17f0b5673976fc1af4c8c54b0941bb4b8f7c46745f56a33f8cc7ada4a2cc
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac
6ebe0d0cda485f842adbf592d4d2094643513984876a517a97e7d726df2b7ece
763f40d3516ee0551955c24b1dd9d51c80816f9ab544255f69e95589444eb5d1
78688676db5a114e6bdc268151665df859d530aae85c5249c6a148e437833a2f
7c9617f0e01379eb1b4bd734aff92dd38cc1281fb243994d4f173e4b1a9220d5
819a5a9c231bb866dd29c127758be5dd6d0c54e26e83efffe6a118d930174e6f
8318a91e558506df17a7a89c5fdee0f27145982d3692c152642eb4ef865675a6
87a95cdb8d9473560db35a49f5a364199c3de55a058581bbb081a7d05518966e
8e7de05ec48a08f2b8c826f8c5caaa6b360abd0860abeb1aac51ad1a08481729
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
995082248b00dbe01d0619ebbef582858248c9f741bab46f3eaf8e66480779de
9ea20a7806a7a629a473588de98bf00fc85ebc9b3e456c564b9f0425cbf7f596
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a924409969a6307f081757237e7fd0127aa79fec1312c04f924df5c121304ac4
adfe6346eeffd540e838d17511202121d75758f0fc9686fefe298529b8a2035c
baf44ce81636cc927fc27768437e5da853bac699e8aaf832d042f0dfed29b4b4
bceca204ef507572fc0db3b666b8288784372735b20b072ac387e052ff59d9c4
c1536408aa8d8caad5b9506d222ab47db8e2905e8237349a4b74391628b77a50
cfc88f6d53103b57ceba4b4889a8787ff3ea0cfff1809e6d5b9d42a43e9225e4
cfd81e8bbd2e42a486d2fa0292c4b899cd7b9da21dd25d611b2a86e13f9b25ba
d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13
d4b79f448f265f30c339b00bdc15626a880793d7ce284deb27c2c58879fede8c
d796a9681529bcd30f2b5721d36310a98c6583eda35f7fa0b9be9a38700b83db
dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40389f878f50865466a79dcef78a1c001ccb8c24ff07aa8b85a07b86011e2cb
ecb6a2c56ac39e3877babab568ab6b566f078f8f10285d9977a250b9335b0f90
f243a09b1cc48584a8742470547409531ec30149e912a002157557f9642f5a2c

www.petersons.com Open in urlscan Pro 52.87.95.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

52 Requests

100 %HTTPS

50 %IPv6

8 Domains

15 Subdomains

13 IPs

3 Countries

4410 kBTransfer

10722 kBSize

12 Cookies

6 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.petersons.com Open in urlscan Pro
52.87.95.65 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

15
Subdomains

13
IPs

3
Countries

4410 kB
Transfer

10722 kB
Size

12
Cookies

52 HTTP transactions
0 data transactions