upgradeplan.hellotars.com Open in urlscan Pro
34.234.28.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xn--inscrio-2wa9a.hellotars.com/conv/SgzC7j
Effective URL:
https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Submission: On July 03 via automatic, source phishtank (July 3rd 2024, 8:07:42 am UTC) — Scanned from DE

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 32 HTTP transactions. The main IP is 34.234.28.35, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is upgradeplan.hellotars.com.
TLS certificate: Issued by R3 on May 21st 2024. Valid for: 3 months.

This is the only time upgradeplan.hellotars.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	34.234.28.35 34.234.28.35	14618 (AMAZON-AES) (AMAZON-AES)
18	2600:9000:249... 2600:9000:2491:9600:1f:c267:1480:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:5600:1f:5acd:8400:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	50.19.62.130 50.19.62.130	14618 (AMAZON-AES) (AMAZON-AES)
1	52.219.132.48 52.219.132.48	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
32	10

6 34.234.28.35 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-28-35.compute-1.amazonaws.com

xn--inscrio-2wa9a.hellotars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
upgradeplan.hellotars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:2491:9600:1f:c267:1480:21 (United States)

ASN16509 (AMAZON-02, US)

d3vcuxamxj0wnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:5600:1f:5acd:8400:21 (United States)

ASN16509 (AMAZON-02, US)

d1xa9uhfa6nnrk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.19.62.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-62-130.compute-1.amazonaws.com

receive.hellotars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.132.48 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-w.amazonaws.com

tars-file-upload.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	cloudfront.net d3vcuxamxj0wnm.cloudfront.net d1xa9uhfa6nnrk.cloudfront.net	703 KB
8	hellotars.com 2 redirects xn--inscrio-2wa9a.hellotars.com upgradeplan.hellotars.com receive.hellotars.com	19 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355
1	amazonaws.com tars-file-upload.s3.amazonaws.com — Cisco Umbrella Rank: 428881	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	102 KB
1	gstatic.com fonts.gstatic.com	16 KB
32	7

	Domain	Requested by
18	d3vcuxamxj0wnm.cloudfront.net	upgradeplan.hellotars.com d3vcuxamxj0wnm.cloudfront.net
5	upgradeplan.hellotars.com	1 redirects upgradeplan.hellotars.com
2	receive.hellotars.com	d3vcuxamxj0wnm.cloudfront.net
2	d1xa9uhfa6nnrk.cloudfront.net	d3vcuxamxj0wnm.cloudfront.net
2	fonts.googleapis.com	d3vcuxamxj0wnm.cloudfront.net upgradeplan.hellotars.com
1	region1.google-analytics.com	www.googletagmanager.com
1	tars-file-upload.s3.amazonaws.com	upgradeplan.hellotars.com
1	www.googletagmanager.com	d3vcuxamxj0wnm.cloudfront.net
1	fonts.gstatic.com	fonts.googleapis.com
1	xn--inscrio-2wa9a.hellotars.com	1 redirects
32	10

This site contains links to these domains. Also see Links.

Domain
hellotars.com

Subject Issuer	Validity	Valid
hellotars.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Frame ID: 524482FD31019BFE0867329F9720583F
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Upgrade to Pro Plan | TARS

Page URL History Show full URLs

https://xn--inscrio-2wa9a.hellotars.com/conv/SgzC7j HTTP 307
https://upgradeplan.hellotars.com/conv/ryBF5K/?convid=SgzC7j HTTP 308
https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

32
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

10
Subdomains

10
IPs

3
Countries

843 kB
Transfer

2859 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://hellotars.com/?utm_campaign=ryBF5K&utm_content=convbot_banner&utm_medium=page_convbot_Desktop&utm_source=hostname
Title: AITARS

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xn--inscrio-2wa9a.hellotars.com/conv/SgzC7j HTTP 307
https://upgradeplan.hellotars.com/conv/ryBF5K/?convid=SgzC7j HTTP 308
https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ryBF5K Show response
upgradeplan.hellotars.com/conv/
Redirect Chain

https://xn--inscrio-2wa9a.hellotars.com/conv/SgzC7j
https://upgradeplan.hellotars.com/conv/ryBF5K/?convid=SgzC7j
https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j

61 KB
14 KB

129ms
129ms

Document
text/html

34.234.28.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.234.28.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-28-35.compute-1.amazonaws.com

Software

nginx / Next.js

Resource Hash

19e776462a2f4527dad88c3467a4f79f31eb10f1937a2da280eb407fe90cc0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 03 Jul 2024 08:07:37 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-powered-by: Next.js

Redirect headers

date: Wed, 03 Jul 2024 08:07:37 GMT
location: /conv/ryBF5K?convid=SgzC7j
refresh: 0;url=/conv/ryBF5K?convid=SgzC7j
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 62ac5373784a5e19.css
d3vcuxamxj0wnm.cloudfront.net/_next/static/css/ 198 KB
32 KB 59ms
9ms Stylesheet
text/css 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/css/62ac5373784a5e19.css
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08603c16ecc89a48446d7edb10cca220c166193872193cbacc9468c75411c44c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 05:28:35 GMT
content-encoding: gzip
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jun 2024 12:33:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 11403
x-amz-server-side-encryption: AES256
etag: W/"d2704a4875c3f45c8a003c96a01b40bb"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: C-M_LG-cFOcLJD3rcnIjn0YIEBr_w9qhUpLhBLEeGZPxHLBAGNkOaA==

GET
H2 200 webpack-a31a98c1bd3bb062.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/ 3 KB
2 KB 58ms
8ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/webpack-a31a98c1bd3bb062.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f6a9314e4c6fa70f0d4a6971ac2afc113a24bd61c4e20f930481a199378393d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 00:56:21 GMT
content-encoding: gzip
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jun 2024 12:33:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 70016
x-amz-server-side-encryption: AES256
etag: W/"52efa9db82eda642d4f7af52b10d9663"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: hNPYvezzuFoaXMmxxntGG5DzgLkTHYAkV7falpL_47WMOzEHElaQHA==

GET
H2 200 framework-715a76d8b0695da7.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/ 138 KB
43 KB 12ms
12ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/framework-715a76d8b0695da7.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7f01243816138ef54fc3e5211b3023bd7c2298e0338928d775a42cbad0dedc5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 11:58:11 GMT
content-encoding: br
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 11:47:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 72566
x-amz-server-side-encryption: AES256
etag: W/"cd5d4cfd99f0f8d62718a4a6e937221e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: aZ76z0_UVu6J25DWyZWxD5Mb4CUpRXdhn7GtZ_3TQwkMOgk2_mAa6A==

GET
H2 200 main-b355b9c39b50a4eb.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/ 104 KB
29 KB 15ms
15ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/main-b355b9c39b50a4eb.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2061af4d98d4ccfff2a953334f8098afaf3899dad20d2c67d186e9fbc6f9f91a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 11:53:45 GMT
content-encoding: br
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 11:47:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 72833
x-amz-server-side-encryption: AES256
etag: W/"375dd0f098f69387ebb3ba38bc002f48"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: d17uo-QvEWLtV9iUCy-ZQqOe6_EqFXVaIfizHln-tq7SHopEXACtRA==

GET
H2 200 _app-dde429d7c327a91d.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/pages/ 28 KB
8 KB 13ms
11ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/pages/_app-dde429d7c327a91d.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab56e9ca0491c6492ab70cf39f4e5f8ad2ac3d1c4f8f6e807eb7fa8ce33686c8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 11:45:03 GMT
content-encoding: br
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 11:47:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 73355
x-amz-server-side-encryption: AES256
etag: W/"ffa9b9c2e85ab791139ec0347269c3ff"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 2CX9ZoyaXSku1yKOJpnKLfInfTFUKWeIU9ZmH2qiPb6y1Hhy4ZLFeQ==

GET
H2 200 23918f63-3c7945d77ecfaff6.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/ 5 KB
2 KB 23ms
21ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/23918f63-3c7945d77ecfaff6.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 481a9dc7ae5156b2b3f1995b784c093145196ebe3d14dbc141aacb04eb0dd40f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:38:20 GMT
content-encoding: br
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jun 2024 12:33:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 70158
x-amz-server-side-encryption: AES256
etag: W/"9d128defd6a4e249b864c1aea58cf3ae"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: eY64s6oa07qg3c4O2fzWRYGTl3qvGvseVMiyfRJc2eMhBenpp10PIQ==

GET
H2 200 fec483df-78a2dd942a5c2897.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/ 318 KB
82 KB 14ms
13ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/fec483df-78a2dd942a5c2897.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6589666f4232b47d3f53ed746919ef76a4b8a8e3f0fcab330919811481ff6ab

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:38:20 GMT
content-encoding: br
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jun 2024 12:33:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 70158
x-amz-server-side-encryption: AES256
etag: W/"ed9b0f2c5d166708a9ea26f1627eebbf"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 8roglg84pU6UxwMkrdmnzcqP2wI9NXUW5NggTlYIVizFVSodzzHX-A==

GET
H2 200 75fc9c18-3148a20e1df1e518.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/ 58 KB
19 KB 16ms
14ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/75fc9c18-3148a20e1df1e518.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c8531c8f6afc4784f9650806756aa4f6a4aba3e4381590960f0dba8b5f93ba5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 05:28:35 GMT
content-encoding: gzip
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 11:47:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 72872
x-amz-server-side-encryption: AES256
etag: W/"b35417eec5f8641a7c5d78abebd2123b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: piSJAZylkHSAwIobzDTtQ5DGBxCl15NNIWcVffjkyLA9lFXXLYkySQ==

GET
H2 200 61606cbd-356c1b16842ffec9.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/ 84 KB
26 KB 14ms
13ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/61606cbd-356c1b16842ffec9.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ca58508349795de04620cc743dd6b19ad82edee0210f723ab18e16c00212a38

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 05:28:35 GMT
content-encoding: gzip
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 11:47:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 72620
x-amz-server-side-encryption: AES256
etag: W/"237e36be50196ea4dc8d2ae284072768"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: aYZc3GVGNvgThHHsbGCZkKUgxjfItIIV_f065_FTRNrezp8YB6AM2Q==

GET
H2 200 9f96d65d-3203b5a8e0cc1b7d.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/ 131 KB
29 KB 17ms
16ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/9f96d65d-3203b5a8e0cc1b7d.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a39e4c79e5a16c893276dd01bef12e191372ea825657d576b8331fcbb5fd405

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 05:28:35 GMT
content-encoding: gzip
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jun 2024 12:33:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 10022
x-amz-server-side-encryption: AES256
etag: W/"aebd8417b04ab2d61712696834472f92"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: B6hCnyGW8vYYc5UpTi3na7gwS_WE76IGMktvY_uS41B-rcDg_wbSpw==

GET
H2 200 c810e66d-5d09cb3785b5acec.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/ 199 KB
59 KB 18ms
16ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/c810e66d-5d09cb3785b5acec.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6c130a40411ff16386c8be98ebfcefecbd386719e43d2683038268a51c6a3fc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 05:28:35 GMT
content-encoding: gzip
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 11:47:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 10022
x-amz-server-side-encryption: AES256
etag: W/"6c8a7a40e73245abc4584c9ed6ebe9a6"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: JpOk2tJm_KYy4NxTxy3EVWnO9-XgSR0LXPXMmDIbE4mEoxSSHS6soQ==

GET
H2 200 547-7e46c1e6109e711c.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/ 725 KB
223 KB 21ms
20ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/547-7e46c1e6109e711c.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c24a0806924bc2903a4ee1c71e40f08d769595f2f786e7a54e5edf3d53bbde0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 05:28:35 GMT
content-encoding: gzip
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jun 2024 12:33:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 11472
x-amz-server-side-encryption: AES256
etag: W/"0b77bec413c387c7731033f3ebf1bba5"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: LeSlYZug6Z_IguWhTs0dcKM--jPvCYYQ1SVNABEIU5DYPxl084yZDA==

GET
H2 200 %5Bconvid%5D-351551e41bfe1b4f.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/pages/conv/ 399 KB
99 KB 46ms
45ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/pages/conv/%5Bconvid%5D-351551e41bfe1b4f.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6006ce74fce99fbdc57d7f1d04f6f8c0958dc93cb3bc992de5a3a8c4b23506fe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 11:57:07 GMT
content-encoding: br
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2024 11:54:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 72631
etag: W/"e802c78708d0a0c0e278694a2a4513e8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: -hYGx0HdHy5yM75JNkd73-zix_EOjp-VbHBBv5IGZfAEenIl-Gr74w==

GET
H2 200 _buildManifest.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/Abnt2tov0_UxZpxiiavtJ/ 683 B
1 KB 21ms
20ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/Abnt2tov0_UxZpxiiavtJ/_buildManifest.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a2e6e00abb65d678bc2507232521c955f4bdeff48aa52c82c1e19d077e5b39f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:13:08 GMT
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2024 11:54:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 64470
etag: "c9bbeaf617b039feb6d715c37626aab2"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 683
x-amz-cf-id: ckQhYNPh5JswD9Ot6N3MADpw1lIIo-eT1KYGlN6bJ5gxAGqXuhsSzg==

GET
H2 200 _ssgManifest.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/Abnt2tov0_UxZpxiiavtJ/ 76 B
445 B 53ms
53ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/Abnt2tov0_UxZpxiiavtJ/_ssgManifest.js
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:13:08 GMT
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2024 11:54:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 64470
etag: "5352cb582146311d1540f6075d1f265e"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 76
x-amz-cf-id: BXxOR8sYGCO4tUU45LzGtSyYUyBVSFq8V-OnDOSoMnrxjHoeQJa44w==

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 50ms
22ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto:wght@500&display=swap

Requested by

Host: d3vcuxamxj0wnm.cloudfront.net
URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/css/62ac5373784a5e19.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11105baea7711fac9ec1477901f361e9db607bcd17d83862e11cdbe21f98d3f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d3vcuxamxj0wnm.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jul 2024 08:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 08:07:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jul 2024 08:07:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
531 B 30ms
23ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700;900&display=swap

Requested by

Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

068dbf60db8661712813ea8707d3dd1293db283e1c5ab083ed04ed39d1c92c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jul 2024 08:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 07:58:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jul 2024 08:07:37 GMT

GET
DATA 200
OK truncated
/ 77 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 951f73ff02b0d893f19722f4d860eba78730610869a284c86fe9d136220ce44e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 DefaultHeader.png
upgradeplan.hellotars.com/images/ 2 KB
2 KB 93ms
92ms Image
image/png 34.234.28.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upgradeplan.hellotars.com/images/DefaultHeader.png

Requested by

Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.234.28.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-28-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9a411ce94c33663784086f9e802ad61f878c0776fcbcfb9c0845fb52b466e990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:07:37 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 14 Apr 2024 02:29:56 GMT
server: nginx
etag: W/"7ee-18eda709a17"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2030

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 42ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://upgradeplan.hellotars.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:58:55 GMT
x-content-type-options: nosniff
age: 472122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 20:58:55 GMT

GET
H2 200 HelveticaNeue-Regular.woff
d1xa9uhfa6nnrk.cloudfront.net/chatbot-frontend/ 15 KB
15 KB 55ms
17ms Font
application/font-woff 2600:9000:20eb:5600:1f:5acd:8400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1xa9uhfa6nnrk.cloudfront.net/chatbot-frontend/HelveticaNeue-Regular.woff
Requested by: Host: d3vcuxamxj0wnm.cloudfront.net
URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/css/62ac5373784a5e19.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:1f:5acd:8400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 815eeadca2db0a292757809989c68a84ed3ff820a9cd4bf7272164cf06ab7563

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d3vcuxamxj0wnm.cloudfront.net/
Origin: https://upgradeplan.hellotars.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 04:48:48 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
age: 2171930
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15020
last-modified: Tue, 02 May 2023 10:14:19 GMT
server: AmazonS3
etag: "88b7a427cf1aec1984382459d5ca12e0"
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: d4nisjqU70sY1DeYBIxcfJ4EFSq6sIMJGrHgIAs0LJ51hVDl9uvInw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
102 KB 351ms
329ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0PT49NDTSN

Requested by

Host: d3vcuxamxj0wnm.cloudfront.net
URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/main-b355b9c39b50a4eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a6cc893b93409db11bcec1e5754482cf1960fb083eab7c344d7082c4bda0248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:07:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104067
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jul 2024 08:07:38 GMT

GET
H2 200 435.3e75f39af11adcb7.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/ 41 KB
16 KB 8ms
8ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/435.3e75f39af11adcb7.js
Requested by: Host: d3vcuxamxj0wnm.cloudfront.net
URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/webpack-a31a98c1bd3bb062.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f869cae4d3ba9cfc2b03664d72124d04bec26a139732695f0a77c9ad1d1a8ca7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 05:28:06 GMT
content-encoding: gzip
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jun 2024 12:33:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 11469
x-amz-server-side-encryption: AES256
etag: W/"9be1d1e4ee6a09a51fc7b79a6bdaab44"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: yizjI2333rU1LicJHxt3Z5EUD6xOdO94xcVasowN8tw8RZL304pzJw==

GET
H2 200 759.eaf1db541b4c4409.js Show response
d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/ 135 B
522 B 9ms
9ms Script
text/javascript 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/759.eaf1db541b4c4409.js
Requested by: Host: d3vcuxamxj0wnm.cloudfront.net
URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/webpack-a31a98c1bd3bb062.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fda5834ee65687fbb68ab1afd7c709ec144f42018d4a3766dc914816dbec19a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 11:45:34 GMT
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 11:47:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 73324
x-amz-server-side-encryption: AES256
etag: "f0312af130337bb714f0ef683c1a251b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 135
x-amz-cf-id: lTsxHl0su6YJNArsHvQPwAjxyaPh4QY6CuSYu_MIJrH0lRDWyBg-rg==

GET
H2 200 conv_data.1630167407031.json Show response
d3vcuxamxj0wnm.cloudfront.net/ryBF5K/ 3 KB
1 KB 554ms
538ms XHR
application/json 2600:9000:2491:9600:1f:c267:1480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vcuxamxj0wnm.cloudfront.net/ryBF5K/conv_data.1630167407031.json
Requested by: Host: d3vcuxamxj0wnm.cloudfront.net
URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/547-7e46c1e6109e711c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9600:1f:c267:1480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a27a826508445b955972c578c00353a13b0d59d80f5a807f73c19ad23179ceb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:07:39 GMT
content-encoding: gzip
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
last-modified: Sat, 28 Aug 2021 16:16:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
etag: "33720a752abc73686e223e561ec2ae7a"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: https://upgradeplan.hellotars.com
cache-control: no-cache
accept-ranges: bytes
content-length: 954
x-amz-cf-id: Jpxv4KhLlga3d45yOPTIK7QVg54lxkfp2-QeFk8Y6-IKjFL_xZwpQw==

POST
H/1.1 200
OK 98ugzwoq Show response
receive.hellotars.com/conv/ryBF5K/tempdoc/ 7 B
462 B 551ms
113ms XHR
text/html 50.19.62.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://receive.hellotars.com/conv/ryBF5K/tempdoc/98ugzwoq

Requested by

Host: d3vcuxamxj0wnm.cloudfront.net
URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/547-7e46c1e6109e711c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.19.62.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-62-130.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://upgradeplan.hellotars.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 08:07:38 GMT
Strict-Transport-Security: max-age=31536000
Server: nginx
X-Powered-By: Express
ETag: W/"7-Qqj2Udef0AXurAYS32RCuYOgEYQ"
Vary: X-HTTP-Method-Override, Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,GET,POST
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://upgradeplan.hellotars.com
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 7

GET
H/1.1 206
Partial Content ba6e1f909206adeb4f22676a756d597a--blop.mp3
tars-file-upload.s3.amazonaws.com/sBZgmZ/ 2 KB
2 KB 1121ms
261ms Media
audio/mp3 52.219.132.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tars-file-upload.s3.amazonaws.com/sBZgmZ/ba6e1f909206adeb4f22676a756d597a--blop.mp3
Requested by: Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.219.132.48 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: abd654a8166d2b6f943fc64404eea5eb58cceffe8bcded73560b243c28532f16

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://upgradeplan.hellotars.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 08:07:40 GMT
Last-Modified: Thu, 25 Nov 2021 10:20:00 GMT
Server: AmazonS3
x-amz-request-id: GPAPDS9WNN1PDDWA
ETag: "627c0e8b5b8ef0417ace4d759284a51d"
Content-Type: audio/mp3
Content-Range: bytes 0-1991/1992
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1992
x-amz-id-2: qrRWq0it2OT8ega6nyxteYJmytgbdQ2266CLTL5hcic4QLEspANl1ZOwdqtUMSmjfRDPpNJOq0U=

GET
H2 200 tars_brand_lightning.svg
upgradeplan.hellotars.com/icons/ 275 B
441 B 384ms
384ms Image
image/svg+xml 34.234.28.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upgradeplan.hellotars.com/icons/tars_brand_lightning.svg

Requested by

Host: upgradeplan.hellotars.com
URL: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.234.28.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-28-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2cc57b8fa46aea15edfe7b01cb6ed7653360c2ee34262877313d72949b1e1b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:07:38 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 12:49:40 GMT
server: nginx
etag: W/"113-187c2c32119"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 64ms
23ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0PT49NDTSN&gtm=45je4710v9127279359za200&_p=1719994057971&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1053148101.1719994058&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719994058&sct=1&seg=0&dl=https%3A%2F%2Fupgradeplan.hellotars.com%2Fconv%2FryBF5K%3Fconvid%3DSgzC7j&dt=Upgrade%20to%20Pro%20Plan%20%7C%20TARS&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1517&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0PT49NDTSN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 08:07:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://upgradeplan.hellotars.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 98ugzwoq Show response
receive.hellotars.com/conv/ryBF5K/tempdoc/ 7 B
462 B 106ms
106ms XHR
text/html 50.19.62.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://receive.hellotars.com/conv/ryBF5K/tempdoc/98ugzwoq

Requested by

Host: d3vcuxamxj0wnm.cloudfront.net
URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/chunks/547-7e46c1e6109e711c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.19.62.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-62-130.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://upgradeplan.hellotars.com/
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 08:07:39 GMT
Strict-Transport-Security: max-age=31536000
Server: nginx
X-Powered-By: Express
ETag: W/"7-Qqj2Udef0AXurAYS32RCuYOgEYQ"
Vary: X-HTTP-Method-Override, Accept-Encoding
Access-Control-Allow-Methods: OPTIONS,GET,POST
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://upgradeplan.hellotars.com
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 7

GET
H2 200 favicon.ico
upgradeplan.hellotars.com/ 749 B
960 B 94ms
93ms Other
image/x-icon 34.234.28.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://upgradeplan.hellotars.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.234.28.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-28-35.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d21fa7db820c299cf9bb9902920f35908d5ceae5be9672f6ad619a815d56c7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://upgradeplan.hellotars.com/conv/ryBF5K?convid=SgzC7j
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 08:07:39 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 27 Apr 2023 12:49:40 GMT
server: nginx
etag: W/"2ed-187c2c32115"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 749

GET
H2 200 HelveticaNeue-Bold.woff
d1xa9uhfa6nnrk.cloudfront.net/chatbot-frontend/ 14 KB
15 KB 10ms
10ms Font
application/font-woff 2600:9000:20eb:5600:1f:5acd:8400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1xa9uhfa6nnrk.cloudfront.net/chatbot-frontend/HelveticaNeue-Bold.woff
Requested by: Host: d3vcuxamxj0wnm.cloudfront.net
URL: https://d3vcuxamxj0wnm.cloudfront.net/_next/static/css/62ac5373784a5e19.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:1f:5acd:8400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b56ed93be705b87d836b9dfd92e3752c1d90dcd604656974d7d70a8f4fc22928

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d3vcuxamxj0wnm.cloudfront.net/
Origin: https://upgradeplan.hellotars.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:16:12 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
age: 1439488
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14724
last-modified: Tue, 02 May 2023 10:14:18 GMT
server: AmazonS3
etag: "190b4e095db9510029445bb90080aa77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: NHgDcM_pJe0i7d2WLCr261IP3Xs0nXCkQr8vgpRueoiKwLNCscJ-6w==

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hellotars.com/	1970-01-21 07:22:34	Name: ugid Value: ucxgu1h8
upgradeplan.hellotars.com/	1970-01-21 07:22:34	Name: ugid Value: ucxgu1h8
.hellotars.com/	1970-01-21 07:22:34	Name: _ga Value: GA1.1.1053148101.1719994058
.hellotars.com/	1970-01-21 07:22:34	Name: _ga_0PT49NDTSN Value: GS1.1.1719994058.1.0.1719994058.0.0.0
.hellotars.com/	1970-01-21 07:22:34	Name: csidObj Value: {"ryBF5K":"tmcpdfy6"}
upgradeplan.hellotars.com/	1970-01-21 07:22:34	Name: csidObj Value: {"ryBF5K":"tmcpdfy6"}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1xa9uhfa6nnrk.cloudfront.net
d3vcuxamxj0wnm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
receive.hellotars.com
region1.google-analytics.com
tars-file-upload.s3.amazonaws.com
upgradeplan.hellotars.com
www.googletagmanager.com
xn--inscrio-2wa9a.hellotars.com
2001:4860:4802:34::36
2600:9000:20eb:5600:1f:5acd:8400:21
2600:9000:2491:9600:1f:c267:1480:21
2a00:1450:4001:800::200a
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
34.234.28.35
50.19.62.130
52.219.132.48
068dbf60db8661712813ea8707d3dd1293db283e1c5ab083ed04ed39d1c92c27
08603c16ecc89a48446d7edb10cca220c166193872193cbacc9468c75411c44c
11105baea7711fac9ec1477901f361e9db607bcd17d83862e11cdbe21f98d3f6
19e776462a2f4527dad88c3467a4f79f31eb10f1937a2da280eb407fe90cc0d4
1a2e6e00abb65d678bc2507232521c955f4bdeff48aa52c82c1e19d077e5b39f
1c24a0806924bc2903a4ee1c71e40f08d769595f2f786e7a54e5edf3d53bbde0
2061af4d98d4ccfff2a953334f8098afaf3899dad20d2c67d186e9fbc6f9f91a
2cc57b8fa46aea15edfe7b01cb6ed7653360c2ee34262877313d72949b1e1b07
3c8531c8f6afc4784f9650806756aa4f6a4aba3e4381590960f0dba8b5f93ba5
481a9dc7ae5156b2b3f1995b784c093145196ebe3d14dbc141aacb04eb0dd40f
4f6a9314e4c6fa70f0d4a6971ac2afc113a24bd61c4e20f930481a199378393d
6006ce74fce99fbdc57d7f1d04f6f8c0958dc93cb3bc992de5a3a8c4b23506fe
7a39e4c79e5a16c893276dd01bef12e191372ea825657d576b8331fcbb5fd405
815eeadca2db0a292757809989c68a84ed3ff820a9cd4bf7272164cf06ab7563
8a6cc893b93409db11bcec1e5754482cf1960fb083eab7c344d7082c4bda0248
8ca58508349795de04620cc743dd6b19ad82edee0210f723ab18e16c00212a38
951f73ff02b0d893f19722f4d860eba78730610869a284c86fe9d136220ce44e
9a27a826508445b955972c578c00353a13b0d59d80f5a807f73c19ad23179ceb
9a411ce94c33663784086f9e802ad61f878c0776fcbcfb9c0845fb52b466e990
ab56e9ca0491c6492ab70cf39f4e5f8ad2ac3d1c4f8f6e807eb7fa8ce33686c8
abd654a8166d2b6f943fc64404eea5eb58cceffe8bcded73560b243c28532f16
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b56ed93be705b87d836b9dfd92e3752c1d90dcd604656974d7d70a8f4fc22928
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
d21fa7db820c299cf9bb9902920f35908d5ceae5be9672f6ad619a815d56c7b5
d7f01243816138ef54fc3e5211b3023bd7c2298e0338928d775a42cbad0dedc5
e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960
e6589666f4232b47d3f53ed746919ef76a4b8a8e3f0fcab330919811481ff6ab
e6c130a40411ff16386c8be98ebfcefecbd386719e43d2683038268a51c6a3fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f869cae4d3ba9cfc2b03664d72124d04bec26a139732695f0a77c9ad1d1a8ca7
fda5834ee65687fbb68ab1afd7c709ec144f42018d4a3766dc914816dbec19a9

upgradeplan.hellotars.com Open in urlscan Pro 34.234.28.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

67 %IPv6

7 Domains

10 Subdomains

10 IPs

3 Countries

843 kBTransfer

2859 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

upgradeplan.hellotars.com Open in urlscan Pro
34.234.28.35 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

10
Subdomains

10
IPs

3
Countries

843 kB
Transfer

2859 kB
Size

6
Cookies

32 HTTP transactions
2 data transactions