get.producersecrets.com Open in urlscan Pro
2606:4700::6810:ec2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://connect.midimoney.com/
Effective URL:
https://get.producersecrets.com/pfs-instant-web-reg-b
Submission: On March 22 via automatic, source certstream-suspicious (March 22nd 2022, 12:49:21 am UTC) — Scanned from DE

Summary HTTP 204 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 35 domains to perform 204 HTTP transactions. The main IP is 2606:4700::6810:ec2, located in United States and belongs to CLOUDFLARENET, US. The main domain is get.producersecrets.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 29th 2021. Valid for: a year.

This is the only time get.producersecrets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700::68... 2606:4700::6810:dc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:10c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 22	2606:4700::68... 2606:4700::6810:ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
16	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1 7	2606:4700::68... 2606:4700::6810:cc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.98.57 143.204.98.57	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	143.204.98.124 143.204.98.124	16509 (AMAZON-02) (AMAZON-02)
2	52.32.96.222 52.32.96.222	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2 10	34.205.136.113 34.205.136.113	14618 (AMAZON-AES) (AMAZON-AES)
2	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
2	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
4	2.16.186.234 2.16.186.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.93.244 143.204.93.244	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	167.172.49.141 167.172.49.141	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
2	143.204.98.33 143.204.98.33	16509 (AMAZON-02) (AMAZON-02)
5	54.161.245.173 54.161.245.173	14618 (AMAZON-AES) (AMAZON-AES)
2	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
4	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	143.204.98.81 143.204.98.81	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	35.183.138.154 35.183.138.154	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	99.80.58.148 99.80.58.148	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.185.191.84 18.185.191.84	16509 (AMAZON-02) (AMAZON-02)
3	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::ac43:486c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
204	43

14 2606:4700::6810:dc2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

connect.midimoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:10c2 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6810:ec2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
get.producersecrets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:cc2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

legionproducers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-57.fra50.r.cloudfront.net

static.leaddyno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-124.fra50.r.cloudfront.net

widget.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.32.96.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-96-222.us-west-2.compute.amazonaws.com

app.marketermagic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.205.136.113 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-136-113.compute-1.amazonaws.com

collector.leaddyno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

a.deadlinefunnel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.186.234 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-234.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.244 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-244.fra50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.172.49.141 (London, United Kingdom) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: inklessideas.co.uk

midimoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.161.245.173 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-245-173.compute-1.amazonaws.com

c.deadlinefunnel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
deadlinefunnel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-81.fra50.r.cloudfront.net

cdn.funnelytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.183.138.154 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-183-138-154.ca-central-1.compute.amazonaws.com

track-v2.funnelytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.58.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-58-148.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.191.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com

widget.manychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:486c (United States)

ASN13335 (CLOUDFLARENET, US)

mccdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	clickfunnels.com assets.clickfunnels.com — Cisco Umbrella Rank: 63898 app.clickfunnels.com — Cisco Umbrella Rank: 33240 www.clickfunnels.com — Cisco Umbrella Rank: 49985	11 KB
16	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	1 KB
15	midimoney.com 2 redirects connect.midimoney.com midimoney.com	1 MB
12	leaddyno.com 2 redirects static.leaddyno.com — Cisco Umbrella Rank: 48728 collector.leaddyno.com — Cisco Umbrella Rank: 42811	23 KB
12	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	860 KB
9	gstatic.com fonts.gstatic.com	317 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 251	77 KB
9	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 828	154 KB
8	producersecrets.com 1 redirects get.producersecrets.com	924 KB
8	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 874 in.hotjar.com — Cisco Umbrella Rank: 1636	133 KB
7	funnelytics.io cdn.funnelytics.io — Cisco Umbrella Rank: 61090 track-v2.funnelytics.io — Cisco Umbrella Rank: 50789	8 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	59 KB
7	deadlinefunnel.com a.deadlinefunnel.com — Cisco Umbrella Rank: 52077 c.deadlinefunnel.com — Cisco Umbrella Rank: 52538 deadlinefunnel.com — Cisco Umbrella Rank: 48970	438 KB
7	legionproducers.com 1 redirects legionproducers.com	1 MB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	279 KB
5	paypal.com www.paypal.com — Cisco Umbrella Rank: 2527 t.paypal.com	9 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6433	888 B
5	google.com www.google.com — Cisco Umbrella Rank: 2	888 B
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 971 trc.taboola.com — Cisco Umbrella Rank: 562	37 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1084	71 KB
3	manychat.com widget.manychat.com — Cisco Umbrella Rank: 32867 manychat.com — Cisco Umbrella Rank: 29984	2 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 955	340 B
3	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 7854 prism.app-us1.com — Cisco Umbrella Rank: 7875	11 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1207	16 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1810	33 KB
2	marketermagic.com app.marketermagic.com	1 KB
1	mccdn.me mccdn.me — Cisco Umbrella Rank: 33585	92 KB
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 7437	362 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1102	7 KB
1	wickedreports.com widget.wickedreports.com — Cisco Umbrella Rank: 32766	309 B
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 309	725 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	14 KB
0	addevent.com Failed track.addevent.com Failed
204	35

	Domain	Requested by
16	www.facebook.com	connect.midimoney.com get.producersecrets.com connect.facebook.net
14	app.clickfunnels.com	connect.midimoney.com legionproducers.com get.producersecrets.com
14	connect.midimoney.com	1 redirects connect.midimoney.com static.cloudflareinsights.com
12	connect.facebook.net	connect.midimoney.com connect.facebook.net legionproducers.com get.producersecrets.com mccdn.me
10	collector.leaddyno.com	2 redirects static.leaddyno.com get.producersecrets.com
9	fonts.gstatic.com	fonts.googleapis.com
9	use.fontawesome.com	connect.midimoney.com use.fontawesome.com legionproducers.com get.producersecrets.com
8	get.producersecrets.com	1 redirects legionproducers.com get.producersecrets.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	legionproducers.com	1 redirects connect.midimoney.com legionproducers.com static.cloudflareinsights.com
7	fonts.googleapis.com	connect.midimoney.com legionproducers.com get.producersecrets.com client
6	www.googletagmanager.com	legionproducers.com www.googletagmanager.com get.producersecrets.com
5	www.google.de	get.producersecrets.com
5	www.google.com	get.producersecrets.com
5	track-v2.funnelytics.io	cdn.funnelytics.io
4	stats.g.doubleclick.net	www.google-analytics.com
4	analytics.tiktok.com	legionproducers.com analytics.tiktok.com
3	www.paypal.com	get.producersecrets.com www.paypalobjects.com
3	c.deadlinefunnel.com	a.deadlinefunnel.com
3	tr.snapchat.com	sc-static.net
3	static.cloudflareinsights.com	connect.midimoney.com legionproducers.com get.producersecrets.com
2	manychat.com	mccdn.me
2	t.paypal.com	get.producersecrets.com
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	deadlinefunnel.com	a.deadlinefunnel.com
2	trc.taboola.com	cdn.taboola.com
2	in.hotjar.com	script.hotjar.com
2	cdn.funnelytics.io	connect.midimoney.com
2	cdn.taboola.com	www.googletagmanager.com
2	vars.hotjar.com	static.hotjar.com
2	script.hotjar.com	static.hotjar.com
2	diffuser-cdn.app-us1.com	legionproducers.com get.producersecrets.com
2	a.deadlinefunnel.com	legionproducers.com get.producersecrets.com
2	static.hotjar.com	legionproducers.com get.producersecrets.com
2	ajax.googleapis.com	static.leaddyno.com
2	www.clickfunnels.com	legionproducers.com get.producersecrets.com
2	app.marketermagic.com	legionproducers.com get.producersecrets.com
2	static.leaddyno.com	legionproducers.com get.producersecrets.com
1	mccdn.me	widget.manychat.com
1	widget.manychat.com	get.producersecrets.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	midimoney.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	sc-static.net	legionproducers.com
1	widget.wickedreports.com	legionproducers.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	connect.midimoney.com
1	assets.clickfunnels.com	connect.midimoney.com
0	track.addevent.com Failed	connect.midimoney.com legionproducers.com get.producersecrets.com
204	51

This site contains links to these domains. Also see Links.

Domain
www.termsandcondiitionssample.com
www.privacypolicytemplate.net

Subject Issuer	Validity	Valid
connect.midimoney.com Cloudflare Inc ECC CA-3	`2022-03-22` - `2023-03-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-29` - `2022-03-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
legionproducers.com Cloudflare Inc ECC CA-3	`2021-05-13` - `2022-05-12`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.leaddyno.com Amazon	`2022-02-01` - `2023-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
widget.wickedreports.com Amazon	`2021-08-14` - `2022-09-12`	a year	crt.sh
marketermagic.com Amazon	`2021-10-14` - `2022-11-11`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
a.deadlinefunnel.com R3	`2022-03-18` - `2022-06-16`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
get.producersecrets.com Cloudflare Inc ECC CA-3	`2021-08-29` - `2022-08-28`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh
dfimage.com Amazon	`2021-12-01` - `2022-12-28`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.funnelytics.io Amazon	`2021-12-06` - `2023-01-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
widget.manychat.com Sectigo ECC Domain Validation Secure Server CA	`2021-03-18` - `2022-04-18`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-02-11` - `2023-03-14`	a year	crt.sh
mccdn.me Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
manychat.com Sectigo ECC Domain Validation Secure Server CA	`2021-05-03` - `2022-06-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://get.producersecrets.com/pfs-instant-web-reg-b
Frame ID: 9FAF613970D61FDE2E7F7E25DF83FF44
Requests: 196 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=5f29241a-0f01-4abf-8e04-75dfdf393da8
Frame ID: 92D9281818EC2AF75F9CEAC0DF9F1964
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 34B75531DC9708FEC1E0E8026CDBC5C7
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 5156CFB43FC6AFD6DCCC880D088D5EE9
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 027C231FDE5A5EF207B9D412DF08B683
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 36319F6ACB05B0C9CFE5A697176B2AF5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Producer Training

Page URL History Show full URLs

https://connect.midimoney.com/ HTTP 302
https://connect.midimoney.com/welcome Page URL
http://legionproducers.com/ HTTP 302
https://legionproducers.com/pfs-live-registration-a Page URL
https://midimoney.com/training HTTP 307
https://get.producersecrets.com/pfs-instant-web-reg-2 HTTP 302
https://get.producersecrets.com/pfs-instant-web-reg-b Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

ClickFunnels (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

<meta property="cf:app_domain" content="app\.clickfunnels\.com"

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

ManyChat (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

widget\.manychat\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

204
Requests

94 %
HTTPS

47 %
IPv6

35
Domains

51
Subdomains

43
IPs

6
Countries

6242 kB
Transfer

17588 kB
Size

93
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.termsandcondiitionssample.com/live.php?token=8UpVe3o0fKRrIuvIhn1ETiNi0TFjOXes
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.privacypolicytemplate.net/live.php?token=PinLskqChwvNVBtHDE7ePXyAVkveVQ7F
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://connect.midimoney.com/ HTTP 302
https://connect.midimoney.com/welcome Page URL
http://legionproducers.com/ HTTP 302
https://legionproducers.com/pfs-live-registration-a Page URL
https://midimoney.com/training HTTP 307
https://get.producersecrets.com/pfs-instant-web-reg-2 HTTP 302
https://get.producersecrets.com/pfs-instant-web-reg-b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://connect.midimoney.com/ HTTP 302
https://connect.midimoney.com/welcome

Request Chain 35

http://legionproducers.com/ HTTP 302
https://legionproducers.com/pfs-live-registration-a

Request Chain 59

https://collector.leaddyno.com/x?key=cc009cc9268723dcc76b371bb0347ba9e74ce226&ld_fp=3977134471&ld_t=7ed9bc16-4f5e-4bf7-fc42-57de4f75e8f1&ts=1647910157629 HTTP 302
https://collector.leaddyno.com/x?key=cc009cc9268723dcc76b371bb0347ba9e74ce226&ld_fp=3977134471

Request Chain 144

https://collector.leaddyno.com/x?key=cc009cc9268723dcc76b371bb0347ba9e74ce226&ld_fp=3977134471&ld_t=ff24fe1d-ddd1-4051-e8e4-ce1985293a9b&ts=1647910159469 HTTP 302
https://collector.leaddyno.com/x?key=cc009cc9268723dcc76b371bb0347ba9e74ce226&ld_fp=3977134471

204 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

welcome Show response
connect.midimoney.com/
Redirect Chain

https://connect.midimoney.com/
https://connect.midimoney.com/welcome

79 KB
19 KB

142ms
141ms

Document
text/html

2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.midimoney.com/welcome

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

cd8c602fdfb0b1374a9604704cce583099d43f6f3b150643ab3f7c4b4a516b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
content-type: text/html; charset=utf-8
cf-ray: 6efaed2608a79a0c-FRA
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Wed, 04 Aug 2021 00:53:43 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200 OK
x-content-digest: 665fbb0eefc97054eba0292be0f7bf9c1a3d6edb
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 05901ae368a268c7ae2aef8ad70f7318
x-runtime: 0.303081
server: cloudflare
content-encoding: br

Redirect headers

date: Tue, 22 Mar 2022 00:49:15 GMT
content-type: text/html; charset=utf-8
location: https://connect.midimoney.com/welcome
cf-ray: 6efaed226dd29a0c-FRA
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 4002b0cc6948bd3793ec376d7bf4983f
x-runtime: 0.160306
server: cloudflare

GET
H2 200 lander.css
connect.midimoney.com/assets/ 425 KB
70 KB 58ms
58ms Stylesheet
text/css 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.midimoney.com/assets/lander.css

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 605
last-modified: Wed, 16 Mar 2022 16:41:47 GMT
server: cloudflare
etag: W/"6232134b-6a514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 6efaed2719939a0c-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 22 Mar 2022 01:09:15 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 31ms
15ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4798247
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: R6NH4GJ7K569R50W
x-amz-id-2: UMzeQ4xVVEzkt+nMXUeDEUQvy+wpjX5qBC4xjuMDX2OaDkyj9B0Hmp1pqTpRuUYIak+jxrdXODQ=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAdmGPbvn%2B0i6BLHeGgpWCKFpx4Hvcx3%2FTGjA27fO%2B%2FeFYj4JsbmJl0g78oS4X%2FzSFTGAtI%2FKjQ5RvWwatXJyFGH0oj0qOUUJrrpuAijh0g72KL0U2HSZfXMqVrO2PZKRwBF%2BUunqYg%2FCpP%2F0HJyXsDh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6efaed272a739211-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
4 KB 33ms
17ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4798152
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RB5BPRT48JBAE6TP
x-amz-id-2: gCI0BCd4N0Ze41wUUC9fQ5XlRt+jkrB7evHnqcM8HM5N2U+Yr/0Hi6JfxMBuYiohKnNmeTq+oho=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sANIFgPY37L9XUOWa0SLDDvnC86U7GDT3Kk5Y6p6fMYPso3QLv1%2FP2R8K1d%2F6cjyF0f6sRrGo5nCAcMAz8f1bA7V%2FRbfVmxeMf%2F34ZHt47Wz2MCClQkJtO98Ql24y%2BrXppBqK8%2Be5PEfaI2YDokPvEMk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6efaed272a759211-FRA

GET
H2 200 css
fonts.googleapis.com/ 45 KB
2 KB 132ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0e6d137466ec7e752df8a3668e0e3a407c603957d940b6451a63853d9d7129f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 23:29:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Mar 2022 00:49:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Mar 2022 00:49:15 GMT

GET
H2 200 application.js Show response
connect.midimoney.com/assets/userevents/ 5 KB
2 KB 52ms
51ms Script
application/x-javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.midimoney.com/assets/userevents/application.js

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 580
last-modified: Wed, 16 Mar 2022 16:41:47 GMT
server: cloudflare
etag: W/"6232134b-1353"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 6efaed2719999a0c-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 22 Mar 2022 01:09:15 GMT

GET
H2 200 closemodal.png
assets.clickfunnels.com/images/ 672 B
1 KB 92ms
52ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.clickfunnels.com/images/closemodal.png

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 10039
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
last-modified: Wed, 16 Mar 2022 16:41:47 GMT
server: cloudflare
etag: "6232134b-314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 22 Apr 2022 00:49:15 GMT
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6efaed282b6a5c4a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: imgq:100,h2pri

GET
H2 200 MM.small_icon_white.png
connect.midimoney.com/hosted/images/b0/30a200691f11e89fe1259ce9683d59/ 5 KB
5 KB 123ms
122ms Image
image/png 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.midimoney.com/hosted/images/b0/30a200691f11e89fe1259ce9683d59/MM.small_icon_white.png
Requested by: Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6423062322d120d3a6bba602f3d394a3007484b3792fd5502494fa0a3c85c1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Jun 2018 00:22:28 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: "898eeb545e63f782cfa98e7c838860fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6efaed27ea479a0c-FRA
content-length: 4666

GET
H2 200 MM_HEADER-_2-4-19_.png
connect.midimoney.com/hosted/images/79/ee202028a311e98cc4fd70791f7db2/ 357 KB
357 KB 736ms
734ms Image
image/png 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.midimoney.com/hosted/images/79/ee202028a311e98cc4fd70791f7db2/MM_HEADER-_2-4-19_.png
Requested by: Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdd0370e28b63f5f5a784f9273bd6d5a57e8bd08af9ac071dca9b00d40583d8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:16 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Feb 2019 17:37:05 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: "b6d22467aeb4bd07c7fb251bf36f4897"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6efaed27ea499a0c-FRA
content-length: 365469

GET
H2 200 MM-FB-review---lx-xander.jpg
connect.midimoney.com/hosted/images/cf/3f98e1f14111e88548d9f594cae7a8/ 12 KB
12 KB 539ms
537ms Image
image/jpeg 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.midimoney.com/hosted/images/cf/3f98e1f14111e88548d9f594cae7a8/MM-FB-review---lx-xander.jpg
Requested by: Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 361bd7ced0b116cf064d9730eafc0a76cf46ad866cc49cef0c36a548e156e4b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:16 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Nov 2018 06:09:22 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: "c3515fd3618f416b54c54c0b185a034d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6efaed27ea4a9a0c-FRA
content-length: 11789

GET
H2 200 MM-FB-review---my-bff-jacob.jpg
connect.midimoney.com/hosted/images/99/4cde01f14111e88548d9f594cae7a8/ 24 KB
24 KB 606ms
605ms Image
image/jpeg 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.midimoney.com/hosted/images/99/4cde01f14111e88548d9f594cae7a8/MM-FB-review---my-bff-jacob.jpg
Requested by: Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3276f26fb2af15e583a1848504c04162fecfc15a83e6ea5284e4b715202a8fdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:16 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Nov 2018 06:07:50 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: "5e1ecd31cc53c903a0b8218f194a51c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6efaed27ea4c9a0c-FRA
content-length: 24319

GET
H2 200 MM-FB-review---magus.jpg
connect.midimoney.com/hosted/images/24/5ed391f14211e8a9411fd927cb65b3/ 8 KB
8 KB 471ms
470ms Image
image/jpeg 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.midimoney.com/hosted/images/24/5ed391f14211e8a9411fd927cb65b3/MM-FB-review---magus.jpg
Requested by: Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a57e892b0bb03090c698f63b5c1031851e0d67e562f6dc9332a850b73231256

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Nov 2018 06:11:44 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: "41664385bda61e80a931f6171dc227c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6efaed27ea4e9a0c-FRA
content-length: 8535

GET
H2 200 MIDIMONEY-black-text.png
connect.midimoney.com/hosted/images/96/33b1606a9d11e89c52c5f428e9dcff/ 9 KB
9 KB 522ms
521ms Image
image/png 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.midimoney.com/hosted/images/96/33b1606a9d11e89c52c5f428e9dcff/MIDIMONEY-black-text.png
Requested by: Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a746aa6f6461b4d9118d2c04d2af7a7e9af9884771226f515e9c477bd1d0770

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:16 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Jun 2018 21:56:12 GMT
server: cloudflare
x-amz-cf-pop: DUS51-P1
etag: "649c54c07e536bdc7c9be8fa083af8c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6efaed27ea4f9a0c-FRA
content-length: 9041

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 57ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%7CSyncopate%7CPT+Serif%7CSyncopate%7CPT+Serif%7CPT+Sans%7CPT+Serif%7CPT+Sans%7CPT+Serif%7CPT+Sans%7CPT+Serif%7CPT+Sans%7CPT+Sans%7C

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8723864726dc82363e805267f24d781bb2249588d71db59876ea1c25c4aa1604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 00:49:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Mar 2022 00:49:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Mar 2022 00:49:15 GMT

GET
H2 200 lander.js Show response
connect.midimoney.com/assets/ 2 MB
663 KB 59ms
58ms Script
application/x-javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.midimoney.com/assets/lander.js

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1ad839306357e24afe0a9e6fadbf0f60f724fde80b1878c33d38caead92210

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 353
last-modified: Wed, 16 Mar 2022 16:45:28 GMT
server: cloudflare
etag: W/"62321428-238190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 6efaed27ea429a0c-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 22 Mar 2022 01:09:15 GMT

GET
H2 200 pushcrew.js Show response
app.clickfunnels.com/assets/ 637 B
1 KB 72ms
40ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/pushcrew.js

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 191
last-modified: Wed, 16 Mar 2022 16:41:46 GMT
server: cloudflare
etag: W/"6232134a-27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 6efaed281c7b9293-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 22 Mar 2022 01:09:15 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 75ms
45ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://connect.midimoney.com/
Origin: https://connect.midimoney.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6efaed281f4f9030-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: s1MOwS5cluvf9UPA3QuwNkviOOuGQ490h11nCo0T1lTsCdHF0MRg//V/8+m+CWc64MC9ti30rSkkcSQUB7H3Yw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 22 Mar 2022 00:49:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v16/ 29 KB
29 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.midimoney.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:43:14 GMT
x-content-type-options: nosniff
age: 450361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29492
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:43:14 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v16/ 32 KB
32 KB 167ms
81ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.midimoney.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:38:15 GMT
x-content-type-options: nosniff
age: 450660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32900
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:09:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:38:15 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ 44 KB
44 KB 201ms
141ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.midimoney.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:41:16 GMT
x-content-type-options: nosniff
age: 450479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:41:16 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/ 46 KB
46 KB 185ms
125ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.midimoney.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:41:16 GMT
x-content-type-options: nosniff
age: 450479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:41:16 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 74 KB
75 KB 139ms
123ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin: https://connect.midimoney.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HBTRAZHRZ4V0Q68S
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75440
x-amz-id-2: nt/xCZdjx1X5hlrwDJBOtYNP2IYmtbs4dHVhb8WA0yyX8MS5+QO5ULbMkGLA81CjIK+m1FqGG80=
last-modified: Wed, 30 Jun 2021 15:48:27 GMT
server: cloudflare
etag: "b5cf8ae26748570d8fb95a47f46b69e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZi4KV8ga0pTVpRkmCZ5L1Zcfa0NZDxLIAwvqrwAqBV5FEB3vecjNeG4XyGaKdGWJK%2B9rbzneM6QB79QnxSHkuWwGwaFQGvH6D%2B%2Flafyb%2BfT56vVhNZNJETkZHXvM2gyX3iLMdlZ07248hLp9N%2FHCRrB"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6efaed28484b9199-FRA

GET
H2 200 pe0sMIuPIYBCpEV5eFdCBfe_.woff2
fonts.gstatic.com/s/syncopate/v17/ 32 KB
32 KB 165ms
106ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/syncopate/v17/pe0sMIuPIYBCpEV5eFdCBfe_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%7CSyncopate%7CPT+Serif%7CSyncopate%7CPT+Serif%7CPT+Sans%7CPT+Serif%7CPT+Sans%7CPT+Serif%7CPT+Sans%7CPT+Serif%7CPT+Sans%7CPT+Sans%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b57f964dfec15bc7e94db5c8930e02d2f4031c284a8e852b23b81a29450dbd14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.midimoney.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 21:59:00 GMT
x-content-type-options: nosniff
age: 10215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32344
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 19:41:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 21 Mar 2023 21:59:00 GMT

GET
H3 200 606954326304688 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 64ms
55ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/606954326304688?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c80ca5e629c36e6624177204f362eb5cae65a6dcd10fea337857d8da9bd42701

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: n/hRdpyo+w6Ije3ViUpgxnlPVEeX2/IJLvmsFNYME09ETfG9l3/VUrZDeEdbM2E190S0+KpoLCAqoa6oDnvZeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 22 Mar 2022 00:49:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 vendor.js Show response
connect.midimoney.com/ 18 KB
6 KB 233ms
232ms Script
application/javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.midimoney.com/vendor.js

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:16 GMT
content-encoding: br
cf-cache-status: MISS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
strict-transport-security: max-age=0
x-request-id: f4d589bb3ce8c7d8303d9b450d08a014
x-runtime: 0.017281
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
access-control-allow-credentials: true
cf-ray: 6efaed29bbc89a0c-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: stale, valid, store

GET /
track.addevent.com/atc/ 0
0

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
813 B 222ms
192ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=aUJCbjhOVlZTSk00N2t2VWFKRXBRQT09LS05dG5KVHBRSnlISE50NkwzaCtzeHpRPT0%3D--4c146de1003a623b65a4e374b6ed65227b695919&page_id=NWd0NUVidmJidCtpKzFSbCsrVHdhQT09LS1hSGNwd1Z4eTJCbU9HOFVIdlU5eGFBPT0%3D--f79058aa8eab823489328e89bcc522b7fe27584a&funnel_step_id=RWR1cmRjSjVZQnBoTW1TZXAyOUtHUT09LS0rK2tRVmUzN05RZUpJVzZyZkdNMVRnPT0%3D--dc73c9ffc2c3e1ddb526867331ed34f6b1b47d33&user_id=YzJIdnVsYjBiS05wdUNRdFRLVytZQT09LS1jUXhidFBxdzJiRlByU29OeDQ3RXp3PT0%3D--b93f44ad6765c75435e9b53de8affa54691f7ae0&account_id=cnhaMGVHY0JNR0hObTlQZzVlUi9nZz09LS1VOE9PaldRQllZOXFWS2lVQWhjcStnPT0%3D--8712b76eecd26e0ee77b7f3c12bd6c0df3242320&page_code=MjE2NjI2NDI%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=64844429-284c-480a-8dbb-56467b23ad12&url=https%3A%2F%2Fconnect.midimoney.com%2Fwelcome

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:16 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 824a35f598aa12267c00dc2bdcb68050
x-runtime: 0.029868
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6efaed2a0b368fc8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
304 B 225ms
196ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=aUJCbjhOVlZTSk00N2t2VWFKRXBRQT09LS05dG5KVHBRSnlISE50NkwzaCtzeHpRPT0%3D--4c146de1003a623b65a4e374b6ed65227b695919&page_id=NWd0NUVidmJidCtpKzFSbCsrVHdhQT09LS1hSGNwd1Z4eTJCbU9HOFVIdlU5eGFBPT0%3D--f79058aa8eab823489328e89bcc522b7fe27584a&funnel_step_id=RWR1cmRjSjVZQnBoTW1TZXAyOUtHUT09LS0rK2tRVmUzN05RZUpJVzZyZkdNMVRnPT0%3D--dc73c9ffc2c3e1ddb526867331ed34f6b1b47d33&user_id=YzJIdnVsYjBiS05wdUNRdFRLVytZQT09LS1jUXhidFBxdzJiRlByU29OeDQ3RXp3PT0%3D--b93f44ad6765c75435e9b53de8affa54691f7ae0&account_id=cnhaMGVHY0JNR0hObTlQZzVlUi9nZz09LS1VOE9PaldRQllZOXFWS2lVQWhjcStnPT0%3D--8712b76eecd26e0ee77b7f3c12bd6c0df3242320&page_code=MjE2NjI2NDI%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=25062444-665c-43b6-b461-7311afc97cd3&url=https%3A%2F%2Fconnect.midimoney.com%2Fwelcome

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:16 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: e1c830c701c900209515df593d2ce43f
x-runtime: 0.031784
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6efaed2a0b388fc8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
308 B 222ms
194ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=aUJCbjhOVlZTSk00N2t2VWFKRXBRQT09LS05dG5KVHBRSnlISE50NkwzaCtzeHpRPT0%3D--4c146de1003a623b65a4e374b6ed65227b695919&page_id=NWd0NUVidmJidCtpKzFSbCsrVHdhQT09LS1hSGNwd1Z4eTJCbU9HOFVIdlU5eGFBPT0%3D--f79058aa8eab823489328e89bcc522b7fe27584a&funnel_step_id=RWR1cmRjSjVZQnBoTW1TZXAyOUtHUT09LS0rK2tRVmUzN05RZUpJVzZyZkdNMVRnPT0%3D--dc73c9ffc2c3e1ddb526867331ed34f6b1b47d33&user_id=YzJIdnVsYjBiS05wdUNRdFRLVytZQT09LS1jUXhidFBxdzJiRlByU29OeDQ3RXp3PT0%3D--b93f44ad6765c75435e9b53de8affa54691f7ae0&account_id=cnhaMGVHY0JNR0hObTlQZzVlUi9nZz09LS1VOE9PaldRQllZOXFWS2lVQWhjcStnPT0%3D--8712b76eecd26e0ee77b7f3c12bd6c0df3242320&page_code=MjE2NjI2NDI%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=287bc2c1-2614-448a-ac59-506c0e90eacd&url=https%3A%2F%2Fconnect.midimoney.com%2Fwelcome

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:16 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 9efebe95946198951aa5692fcb63a8b3
x-runtime: 0.032884
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6efaed2a0b378fc8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=606954326304688&ev=PageView&dl=https%3A%2F%2Fconnect.midimoney.com%2Fwelcome&rl=&if=false&ts=1647910155871&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22351714805934517%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22vehicle%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221222569891459779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%22%22%7D%7D&fbp=fb.1.1647910155870.1428297430&it=1647910155585&coo=false&rqm=GET

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 22 Mar 2022 00:49:15 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=606954326304688&ev=Microdata&dl=https%3A%2F%2Fconnect.midimoney.com%2Fwelcome&rl=&if=false&ts=1647910156374&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Midi%20Money%22%2C%22meta%3Adescription%22%3A%22Services%22%2C%22meta%3Akeywords%22%3A%22clickfunnels%2C%20landing%20page%2C%20web%20site%20editor%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fconnect.midimoney.com%2Fhosted%2Fimages%2Fd8%2F744770685811e896b651f351740827%2FMIDIMONEY.red.transp.png%22%2C%22og%3Atitle%22%3A%22Midi%20Money%22%2C%22og%3Adescription%22%3A%22Services%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fconnect.midimoney.com%2Fwelcome%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647910155870.1428297430&it=1647910155585&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:16 GMT

GET
H2 200 nr-1215.min.js Show response
js-agent.newrelic.com/ 36 KB
14 KB 21ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1215.min.js
Requested by: Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding: gzip
etag: "615035bb6557b191e767e19087efabaf"
fastly-original-body-size: 13666
x-amz-request-id: PDCMQ59YAFMXEN34
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13666
x-amz-id-2: 9btxAJjrmdiWj8wkODRr+hfwtpEWTXdJUg7LNwZX2Z1zP776qB/ZluXzRfxIXYJa6bFy0bfh2Fo=
x-served-by: cache-hhn4036-HHN
last-modified: Mon, 24 Jan 2022 22:13:53 GMT
server: AmazonS3
x-timer: S1647910156.452405,VS0,VE0
date: Tue, 22 Mar 2022 00:49:16 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 457

GET
H2 200 background.png Show response
connect.midimoney.com/images/ 117 B
282 B 176ms
175ms XHR
text/javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.midimoney.com/images/background.png?_unique=0.8917357014723872&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//connect.midimoney.com/welcome&_title=Midi%20Money&_key=eiuz97b1&_page_key=79l3mka6x3pi7yms&_fid=5743889&_fspos=1&_fvrs=5&_funnel_stat=1&_location=https://connect.midimoney.com/welcome&_referrer=

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/vendor.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

f3749f19be5eeaa35ff85212bc9fe3a811e52d1c855d21afcad28152ca73d60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:16 GMT
access-control-request-method: *
cf-cache-status: DYNAMIC
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
strict-transport-security: max-age=0
content-encoding: br
x-request-id: 0813d30b7b2dc1b8464e14824391d613
x-runtime: 0.018248
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
cf-ray: 6efaed2dcfbb9a0c-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

POST
H2 200 rum
connect.midimoney.com/cdn-cgi/ 0
180 B 28ms
28ms XHR
text/plain 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.midimoney.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://connect.midimoney.com/welcome
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

date: Tue, 22 Mar 2022 00:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://connect.midimoney.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6efaed2e68369a0c-FRA
vary: Origin

GET
H2

200

pfs-live-registration-a Show response
legionproducers.com/
Redirect Chain

http://legionproducers.com/
https://legionproducers.com/pfs-live-registration-a

130 KB
25 KB

362ms
331ms

Document
text/html

2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://legionproducers.com/pfs-live-registration-a

Requested by

Host: connect.midimoney.com
URL: https://connect.midimoney.com/assets/lander.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

081da152c2232061fff306c1cb7232595fef81566b2468747289633d882a4a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 22 Mar 2022 00:49:17 GMT
content-type: text/html; charset=utf-8
cf-ray: 6efaed325cff924d-FRA
access-control-allow-origin: *
cache-control: no-cache
last-modified: Tue, 22 Mar 2022 00:49:17 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, invalid
x-request-id: 3cd7c22f0f9b94375264355832ba4e4c
x-runtime: 0.178463
server: cloudflare
content-encoding: br

Redirect headers

Date: Tue, 22 Mar 2022 00:49:17 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://legionproducers.com/pfs-live-registration-a
CF-Ray: 6efaed2fef949006-FRA
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Request-Method: *
Pragma: no-cache
Status: 302 Found
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: e4f65ab9b24e89403bca7fc7a0a64f2b
X-Runtime: 0.196419
Server: cloudflare

GET
H/1.1 200
OK NRJS-fc902efb332119fff33
bam-cell.nr-data.net/1/ 49 B
725 B 520ms
481ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1215.1253ab8&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2188&ck=1&ref=https://connect.midimoney.com/welcome&ap=308&be=801&fe=1866&dc=1240&perf=%7B%22timing%22:%7B%22of%22:1647910154568,%22n%22:0,%22r%22:0,%22re%22:636,%22f%22:636,%22dn%22:636,%22dne%22:636,%22c%22:636,%22ce%22:636,%22rq%22:637,%22rp%22:778,%22rpe%22:781,%22dl%22:782,%22di%22:1238,%22ds%22:1240,%22de%22:1290,%22dc%22:1865,%22l%22:1865,%22le%22:1973%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=976&fcp=976&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.midimoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 22 Mar 2022 00:49:17 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6efaed2ffd939b98-FRA

POST NRJS-fc902efb332119fff33
bam-cell.nr-data.net/events/1/ 0
0

POST NRJS-fc902efb332119fff33
bam-cell.nr-data.net/jserrors/1/ 0
0

POST rum
connect.midimoney.com/cdn-cgi/ 0
0

GET
H2 200 lander.css
legionproducers.com/assets/ 425 KB
70 KB 39ms
37ms Stylesheet
text/css 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://legionproducers.com/assets/lander.css

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/pfs-live-registration-a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 995
last-modified: Wed, 16 Mar 2022 16:41:47 GMT
server: cloudflare
etag: W/"6232134b-6a514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 6efaed348f00924d-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 22 Mar 2022 01:09:17 GMT

GET
H3 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 36ms
20ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1845322
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6Y8PV89KC9XPDZ8T
x-amz-id-2: CFX12FCvmZfEL+oB8PSM7BkmXntBiIF/Cy4Nwcxa2rCvbH0f99j2xL2eaLpYcI1CUjOY8b8jPi8=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uYvzjRet%2FPVXlP1XXodLcPpenYPQ0pZbSaJHA8yl7Z4CtSVbAPdQj%2BbA7ZDZ2qFfkavSm4YR44y7GnrgNctFMzxaM8LjLFh5ryMY0CmiPPvIEtVHBkAEMr5uSirIFF4%2BxuDC4GXgeqlsczBI%2BrxMAEJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6efaed34ad5e90fb-FRA

GET
H3 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
5 KB 49ms
34ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1845290
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3ZFDB02TPD04KVSM
x-amz-id-2: Q+Yh9NWtHdNxTeGbi5Jy5M0eTfqcF+g9vq1am4/JhekyhOp4pfLm/0vFAqiRelD4miD66BZWdjI=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLjTLvS9KeNmmWnkwXpnjszSos2eTM30CpPQD51OZfjeGEnxmPkwWgL2%2BeJYZaSEGUXuSAyMYmT52Ep9xraQG7dMjnlr59H0xBzfsNyl%2B7kS7bLDb6ZKkLleLeP4V4kpQh%2FSH6dlQFRdd%2BRk9WOIo%2FWn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6efaed34ad5f90fb-FRA

GET
H3 200 css
fonts.googleapis.com/ 45 KB
2 KB 94ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0e6d137466ec7e752df8a3668e0e3a407c603957d940b6451a63853d9d7129f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 23:07:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Mar 2022 00:49:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Mar 2022 00:49:17 GMT

GET
H2 200 application.js Show response
legionproducers.com/assets/userevents/ 5 KB
2 KB 36ms
35ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://legionproducers.com/assets/userevents/application.js

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/pfs-live-registration-a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 615
last-modified: Wed, 16 Mar 2022 16:41:47 GMT
server: cloudflare
etag: W/"6232134b-1353"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 6efaed348f02924d-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 22 Mar 2022 01:09:17 GMT

GET
H2 200 js Show response
static.leaddyno.com/ 41 KB
10 KB 40ms
8ms Script
application/javascript 143.204.98.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leaddyno.com/js
Requested by: Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-57.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 259c4207a413e9b1ed73ba62a775ee5134d1bb1b086379ab98f82f8814f6beaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:28:30 GMT
content-encoding: gzip
last-modified: Fri, 11 Mar 2022 15:29:07 GMT
server: AmazonS3
age: 45217
etag: W/"8832f334a0c0c9974b3a4fe34e5b46fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6asqcCXCi0srQ3WCdbnd6SVheU5bHWqBKLVu7LgxUaKPC0QYKhJpbA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 140ms
54ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-161465558-2

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d0fb3904baffb378e78446e30f1d3e50f1210d82fa713e9d21a127132ac3ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36854
x-xss-protection: 0
expires: Tue, 22 Mar 2022 00:49:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 100ms
54ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1013875938

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

acb5ace4af5402946726d0f1748740c11798d4eb91632413de3b72e7d5ae49d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40275
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Mar 2022 00:49:18 GMT

GET
H2 200 wr-c6c8dbb68a1f743f489d532a3ce4aa49.js
widget.wickedreports.com/v2/3308/ 0
309 B 435ms
404ms Script
text/javascript 143.204.98.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/v2/3308/wr-c6c8dbb68a1f743f489d532a3ce4aa49.js
Requested by: Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-124.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
last-modified: Wed, 02 Sep 2020 12:17:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: d07P2GvZglChtbTirmHVJsQa4JFLvH2EIdv7yFuwJx58Y0eMsPuTEQ==

GET
H2 200 8aa7672d-2d4-aceb4 Show response
app.marketermagic.com/api/clickproof/1062c2e8-0b1-cd075/ 16 B
655 B 601ms
233ms Script
text/html 52.32.96.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.marketermagic.com/api/clickproof/1062c2e8-0b1-cd075/8aa7672d-2d4-aceb4
Requested by: Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.96.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-96-222.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: da9422432aef50808228f7f81e8102425401fc0b642cd460bc0070a622584bae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
server: Apache/2.4.29 (Ubuntu)
x-ratelimit-remaining: 59
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 60
access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization, X-CSRF-TOKEN
content-length: 16

GET
H2 200 closemodal.png
www.clickfunnels.com/images/ 672 B
789 B 67ms
62ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.clickfunnels.com/images/closemodal.png

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 10053
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
last-modified: Wed, 16 Mar 2022 16:41:47 GMT
server: cloudflare
etag: "6232134b-314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 22 Apr 2022 00:49:18 GMT
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6efaed385fbb5c4a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: imgq:100,h2pri

GET
H2 200 GABE-ANNO-title-comp-3-5-20.png
legionproducers.com/hosted/images/63/ac4ce49ba2432282a20b3c8cf34fa9/ 704 KB
705 KB 52ms
48ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://legionproducers.com/hosted/images/63/ac4ce49ba2432282a20b3c8cf34fa9/GABE-ANNO-title-comp-3-5-20.png
Requested by: Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/pfs-live-registration-a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
cf-cache-status: MISS
last-modified: Fri, 06 Mar 2020 17:15:56 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "da5758be3a4d616551de4c4a2480092a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6efaed385a86924d-FRA
content-length: 721083

GET
H3 200 css
fonts.googleapis.com/ 2 KB
519 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%7CRaleway%7C

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bbb558bcc73c6ec7de1a3bfee854935d2acb54b5055f49347a47fff164c2ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 00:49:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Mar 2022 00:49:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Mar 2022 00:49:17 GMT

GET
H2 200 lander.js Show response
legionproducers.com/assets/ 2 MB
663 KB 33ms
33ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://legionproducers.com/assets/lander.js

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1ad839306357e24afe0a9e6fadbf0f60f724fde80b1878c33d38caead92210

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/pfs-live-registration-a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 865
last-modified: Wed, 16 Mar 2022 16:45:28 GMT
server: cloudflare
etag: W/"62321428-238190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 6efaed357fd0924d-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 22 Mar 2022 01:09:17 GMT

GET
H2 200 mailcheck.min.js
app.clickfunnels.com/ 3 KB
1 KB 43ms
39ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/mailcheck.min.js

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6725
last-modified: Wed, 16 Mar 2022 16:41:47 GMT
server: cloudflare
etag: W/"6232134b-a8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6efaed385fed9293-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 pushcrew.js
app.clickfunnels.com/assets/ 637 B
469 B 38ms
34ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/pushcrew.js

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 194
last-modified: Wed, 16 Mar 2022 16:41:46 GMT
server: cloudflare
etag: W/"6232134a-27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 6efaed385fee9293-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 22 Mar 2022 01:09:18 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 39ms
35ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://legionproducers.com/
Origin: https://legionproducers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6efaed385a139030-FRA

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 132ms
41ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.leaddyno.com
URL: https://static.leaddyno.com/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 11:16:00 GMT

GET
H2 200 visit
collector.leaddyno.com/ 46 B
227 B 403ms
105ms Script
application/javascript 34.205.136.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.leaddyno.com/visit?url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&referrer=&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&js=true&ld_t=7ed9bc16-4f5e-4bf7-fc42-57de4f75e8f1&ld_ext=&ld_fp=3977134471&channel=&key=cc009cc9268723dcc76b371bb0347ba9e74ce226&callback=__LDCB_1647910157628_917194

Requested by

Host: static.leaddyno.com
URL: https://static.leaddyno.com/js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.136.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-136-113.compute-1.amazonaws.com

Software

nginx/1.10.3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3
content-type: application/javascript;charset=utf-8

GET
H2

200

x
collector.leaddyno.com/
Redirect Chain

https://collector.leaddyno.com/x?key=cc009cc9268723dcc76b371bb0347ba9e74ce226&ld_fp=3977134471&ld_t=7ed9bc16-4f5e-4bf7-fc42-57de4f75e8f1&ts=1647910157629
https://collector.leaddyno.com/x?key=cc009cc9268723dcc76b371bb0347ba9e74ce226&ld_fp=3977134471

5 B
204 B

105ms
104ms

Script
application/javascript

34.205.136.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.leaddyno.com/x?key=cc009cc9268723dcc76b371bb0347ba9e74ce226&ld_fp=3977134471

Protocol

Server

34.205.136.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-136-113.compute-1.amazonaws.com

Software

nginx/1.10.3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
cache-control: private, must-revalidate, proxy-revalidate
x-content-type-options: nosniff
server: nginx/1.10.3
etag: 0eef6773-47ab-4650-9075-8819b6b42b72
content-length: 5
content-type: application/javascript;charset=utf-8

Redirect headers

date: Tue, 22 Mar 2022 00:49:18 GMT
x-content-type-options: nosniff
server: nginx/1.10.3
x-frame-options: SAMEORIGIN
content-type: text/html;charset=utf-8
location: https://collector.leaddyno.com/x?key=cc009cc9268723dcc76b371bb0347ba9e74ce226&ld_fp=3977134471
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 clickstream
collector.leaddyno.com/ 46 B
227 B 412ms
114ms Script
application/javascript 34.205.136.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.leaddyno.com/clickstream?url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&referrer=&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&js=true&ld_t=7ed9bc16-4f5e-4bf7-fc42-57de4f75e8f1&ld_ext=&ld_fp=3977134471&channel=&key=cc009cc9268723dcc76b371bb0347ba9e74ce226&callback=__LDCB_1647910157629_979752&page_url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&page_referrer=

Requested by

Host: static.leaddyno.com
URL: https://static.leaddyno.com/js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.136.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-136-113.compute-1.amazonaws.com

Software

nginx/1.10.3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3
content-type: application/javascript;charset=utf-8

GET
H3 200 fbevents.js
connect.facebook.net/en_US/ 99 KB
26 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: s1MOwS5cluvf9UPA3QuwNkviOOuGQ490h11nCo0T1lTsCdHF0MRg//V/8+m+CWc64MC9ti30rSkkcSQUB7H3Yw==
x-frame-options: DENY
date: Tue, 22 Mar 2022 00:49:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1414462.js
static.hotjar.com/c/ 6 KB
3 KB 59ms
38ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1414462.js?sv=6

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/68a30434e86b0e33b3c34393b0a43f7e
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ndfHoNUvrpD_pgaF8p28_7Qtv0fsKfqnziKQKWXwisNQ6EY4y82PTg==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)

GET
H2 200 reactunified.bundle.js
a.deadlinefunnel.com/unified/ 630 KB
213 KB 75ms
19ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6IkNsRHF1XC84amlRbUh0T2RiU3RQZTVBPT0iLCJ2YWx1ZSI6IjNmclNoTiszOXNlUTdUdkYzdkt2RUE9PSIsIm1hYyI6ImUxYTAzNWYxZWI0ZWFlMDM5MzNhMzM4Mjk0NmRhODU1ZTcyMmIzOWI5ODM3MTZkYzAxZWY4NTNkOWMyMzU4NWUifQ==&pageFromUrl=aHR0cHM6Ly9sZWdpb25wcm9kdWNlcnMuY29tL3Bmcy1saXZlLXJlZ2lzdHJhdGlvbi1h&parentPageFromUrl=
Requested by: Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
last-modified: Mon, 14 Mar 2022 14:41:16 GMT
server: AmazonS3
x-amz-request-id: WMPYFT2AJ3ZD5HWS
etag: "b30716af80f670fadc6444f2e1066e26"
x-hw: 1647910158.cds277.am5.hn,1647910158.cds129.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 217234
x-amz-id-2: u6519rtL4QLy6XJbk8foAPkAvGFTv2qps2J+09SSd89Pd+ZeeNFuHI7h/1YUN41xbnqfn/VqJnI=

GET
H3 200 gtm.js
www.googletagmanager.com/ 180 KB
64 KB 68ms
66ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M49FWS6

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65449
x-xss-protection: 0
expires: Tue, 22 Mar 2022 00:49:18 GMT

GET
H2 200 sdk.js
analytics.tiktok.com/i18n/pixel/ 137 KB
39 KB 137ms
108ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV1D962D4EIVEV2IMTRG
Requested by: Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220322004918010113006069164CF9B3
vary: Accept-Encoding
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,2.16.186.230
x-tt-trace-host: 018debac48b254c96e084d365932782b4d67c0f8ff341894f53305141dc494f73447776d68770dd9db7d23e884dd97317d9c3204a4dc38138cd8e55ecf8d7126fb7dffcc10558a352d5fea79960a461d2ecbd4cde9bf2c5dd7ef7b8af7c75f6f49
server-timing: inner; dur=1, cdn-cache; desc=MISS, edge; dur=1, origin; dur=99
x-akamai-request-id: 19a9a568
expires: Tue, 22 Mar 2022 00:49:18 GMT

GET
H2 200 scevent.min.js
sc-static.net/ 17 KB
7 KB 50ms
22ms Script
application/javascript 143.204.93.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.244 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-244.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6336
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-id: Lnxw09g3k8GyvnNzLLuN1GDSKxxrrswO7FThkr0k01L_XvcI7q1QXg==

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 133ms
40ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161465558-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4468
date: Mon, 21 Mar 2022 23:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Mar 2022 01:34:50 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 99 KB
39 KB 54ms
52ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1013875938&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161465558-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40285
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Mar 2022 00:49:18 GMT

GET
H2 200 conversion_async.js
www.googleadservices.com/pagead/ 39 KB
15 KB 281ms
51ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1013875938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14884
x-xss-protection: 0
server: cafe
etag: 4198181851688197673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Mar 2022 00:49:18 GMT

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 46 KB
46 KB 88ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://legionproducers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:13:05 GMT
x-content-type-options: nosniff
age: 585373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 06:13:05 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v26/ 21 KB
21 KB 62ms
43ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%7CRaleway%7C

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://legionproducers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 11:47:54 GMT
x-content-type-options: nosniff
age: 478884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21028
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:17:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 11:47:54 GMT

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 13 KB
14 KB 322ms
321ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin: https://legionproducers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: A3CXQ5RH009YPGS6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13580
x-amz-id-2: roGfGLAiwiZU80FucVQPt6Bf/Wi6a27cAtaaPmIsu4pEa00rnnHf6NTHu8ycnu/zT5RyFUnwSgA=
last-modified: Wed, 30 Jun 2021 15:48:27 GMT
server: cloudflare
etag: "e07d9e40b26048d9abe2ef966cd6e263"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGAnYpQe%2Fn72m3Qfy6YHsG0cXPo7tD6l4akbiAdWSvqLb2%2BV4EF7Z8WgIGkwUVW8PXhNoLbZE3wc1sf5OyV7bCtvhO67Kik8N1QZaP%2F%2BR5pB%2FSy5hoACNuPIZ7cBmAq8A38Os9Hq0vuoh%2FCl7SpleVgi"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6efaed389a3e9030-FRA

GET
H2 200 vendor.js
legionproducers.com/ 18 KB
6 KB 143ms
143ms Script
application/javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://legionproducers.com/vendor.js

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/pfs-live-registration-a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
strict-transport-security: max-age=0
x-request-id: aec330f0d557e3f9b262e4dfc80ffdf5
x-runtime: 0.071766
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
access-control-allow-credentials: true
cf-ray: 6efaed39aba6924d-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: stale, valid, store

GET
H2 200 diffuser.js
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 112ms
27ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: legionproducers.com
URL: https://legionproducers.com/pfs-live-registration-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 117
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
etag: W/"4d482a43613d3966f353ec9d97452e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 81f818adbacff6b703252be1c8922598.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: SFO5-P1
cf-ray: 6efaed3a391d9c07-FRA
x-amz-cf-id: RRtcUxdFza08mdoAfIDDqsBl9Tf4JraKVX4aSiX-y4oIvZ2ktvNd9g==

GET /
track.addevent.com/atc/ 0
0

GET
H3 200 606954326304688
connect.facebook.net/signals/config/ 307 KB
87 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/606954326304688?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89341
x-xss-protection: 0
pragma: public
x-fb-debug: n/hRdpyo+w6Ije3ViUpgxnlPVEeX2/IJLvmsFNYME09ETfG9l3/VUrZDeEdbM2E190S0+KpoLCAqoa6oDnvZeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 22 Mar 2022 00:49:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 202 /
app.clickfunnels.com/userevents/ 0
333 B 184ms
184ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=bldiaktzY3hUVDBKK2NQQ0owK29sZz09LS1vUUlNWlFxai9mZVFOdExraTdqaTZRPT0%3D--f4b0d17e8ef7461471336779848ca1c2f452b6e8&page_id=eCtLNzEyWnBoUGtucTk4dTl3bmx3Zz09LS11TTdCS1pJYWVNNlpJeXJqdUhDVjlBPT0%3D--847ee94de91716bc11fab89697c25e324f3031eb&funnel_step_id=TVd1UnE4VEovMjY0NWgxdEZOQXRudz09LS1zdnVuR1l0SkdGcmFTQk5abWxiVTlRPT0%3D--446c479386c009f12c1ca5de51a3e1981d13d6da&user_id=NVZCMVNsR0gxSkFia3N3WjUyN3ZTUT09LS1HbWR5Z2krUTF2V0tNZCtrWEQ3eEp3PT0%3D--36dcc6f0250bb86f0e3b34909653c88a1a7a7b65&account_id=RHZ3dDJlYWt1ZVg0MjdibDRLMjZLUT09LS1sSnlrQWZzQThtQURVRE84R2JhWTJBPT0%3D--bd8a81b1dcc39aced7f609ea0b83b0a1a093b606&page_code=MzcwNTExNzg%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=9f1b033c-04ae-415c-847b-963a6187e579&url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 2b0c54d44a8aa2d8b07f48456d33071a
x-runtime: 0.030343
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6efaed39dd588fc8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 /
app.clickfunnels.com/userevents/ 0
309 B 209ms
209ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=bldiaktzY3hUVDBKK2NQQ0owK29sZz09LS1vUUlNWlFxai9mZVFOdExraTdqaTZRPT0%3D--f4b0d17e8ef7461471336779848ca1c2f452b6e8&page_id=eCtLNzEyWnBoUGtucTk4dTl3bmx3Zz09LS11TTdCS1pJYWVNNlpJeXJqdUhDVjlBPT0%3D--847ee94de91716bc11fab89697c25e324f3031eb&funnel_step_id=TVd1UnE4VEovMjY0NWgxdEZOQXRudz09LS1zdnVuR1l0SkdGcmFTQk5abWxiVTlRPT0%3D--446c479386c009f12c1ca5de51a3e1981d13d6da&user_id=NVZCMVNsR0gxSkFia3N3WjUyN3ZTUT09LS1HbWR5Z2krUTF2V0tNZCtrWEQ3eEp3PT0%3D--36dcc6f0250bb86f0e3b34909653c88a1a7a7b65&account_id=RHZ3dDJlYWt1ZVg0MjdibDRLMjZLUT09LS1sSnlrQWZzQThtQURVRE84R2JhWTJBPT0%3D--bd8a81b1dcc39aced7f609ea0b83b0a1a093b606&page_code=MzcwNTExNzg%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=e657b4b6-790b-4520-bae6-52d7a2424810&url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 61a336fee1e3e691830c921c8f2c2060
x-runtime: 0.031381
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6efaed39dd598fc8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 /
app.clickfunnels.com/userevents/ 0
308 B 207ms
207ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=bldiaktzY3hUVDBKK2NQQ0owK29sZz09LS1vUUlNWlFxai9mZVFOdExraTdqaTZRPT0%3D--f4b0d17e8ef7461471336779848ca1c2f452b6e8&page_id=eCtLNzEyWnBoUGtucTk4dTl3bmx3Zz09LS11TTdCS1pJYWVNNlpJeXJqdUhDVjlBPT0%3D--847ee94de91716bc11fab89697c25e324f3031eb&funnel_step_id=TVd1UnE4VEovMjY0NWgxdEZOQXRudz09LS1zdnVuR1l0SkdGcmFTQk5abWxiVTlRPT0%3D--446c479386c009f12c1ca5de51a3e1981d13d6da&user_id=NVZCMVNsR0gxSkFia3N3WjUyN3ZTUT09LS1HbWR5Z2krUTF2V0tNZCtrWEQ3eEp3PT0%3D--36dcc6f0250bb86f0e3b34909653c88a1a7a7b65&account_id=RHZ3dDJlYWt1ZVg0MjdibDRLMjZLUT09LS1sSnlrQWZzQThtQURVRE84R2JhWTJBPT0%3D--bd8a81b1dcc39aced7f609ea0b83b0a1a093b606&page_code=MzcwNTExNzg%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=530570f4-9867-4f32-8e5b-9441b0afb9ce&url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 40d68b310fa21a91ef925d19a6956c47
x-runtime: 0.053399
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6efaed39dd5b8fc8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2

200

Primary Request pfs-instant-web-reg-b Show response
get.producersecrets.com/
Redirect Chain

https://midimoney.com/training
https://get.producersecrets.com/pfs-instant-web-reg-2
https://get.producersecrets.com/pfs-instant-web-reg-b

130 KB
24 KB

219ms
219ms

Document
text/html

2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.producersecrets.com/pfs-instant-web-reg-b

Requested by

Host: legionproducers.com
URL: https://legionproducers.com/assets/lander.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

6648f926e5fd7ee02dca5b9b42b67bdc62d35d0c594b1216f038724a538d367e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/pfs-live-registration-a

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-type: text/html; charset=utf-8
cf-ray: 6efaed3eb8b0916b-FRA
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Fri, 25 Feb 2022 16:21:38 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200 OK
x-content-digest: f7ba8c2e8e2e79ce2e6d3f9f05a1ec24d7eb4191
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: 3e627e6b2ab200530cf511bfa5ec96fa
x-runtime: 0.313328
server: cloudflare
content-encoding: br

Redirect headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-type: text/html; charset=utf-8
location: https://get.producersecrets.com/pfs-instant-web-reg-b
cf-ray: 6efaed3b4d83916b-FRA
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 18c4043afb2bf0b8b75d97ac6f1f68ba
x-runtime: 0.132585
server: cloudflare

GET
H2 200 is_enabled
tr.snapchat.com/collector/ 46 B
313 B 66ms
23ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=5f29241a-0f01-4abf-8e04-75dfdf393da8

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

GET
H2 200 modules.7d3f952308caf42c2b67.js
script.hotjar.com/ 236 KB
62 KB 27ms
7ms Script
application/javascript 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1414462.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-33.fra50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1007232
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: VPuGKNvzXXdyJTuBAkN5W--HbrRf9IdsL1hEY6gws17LSKsBfXV-xw==

POST
H3 200 collect
www.google-analytics.com/j/ 2 B
22 B 93ms
45ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1963442398&t=pageview&_s=1&dl=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&ul=en-us&de=UTF-8&dt=Producer%20Training&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1777809509&gjid=297560858&cid=981486969.1647910158&tid=UA-161465558-2&_gid=537655568.1647910158&_r=1&gtm=2ou3e0&z=2127411166

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://legionproducers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://legionproducers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 128ms
127ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV1D962D4EIVEV2IMTRG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-akamai-request-id: 19a9a637
date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=119
content-length: 30696
pragma: no-cache
server: nginx
x-tt-logid: 202203220049180101131351431F7FD029
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 119,2.16.186.230
x-tt-trace-host: 018debac48b254c96e084d365932782b4d67c0f8ff341894f53305141dc494f73447776d68770dd9db7d23e884dd97317da0296a9ad9cf10c3fbe05ec4803d15ec80db63b9a81577fd16efd6f7637ed9a3f39332d23ba381f50c8932cf16920836
expires: Tue, 22 Mar 2022 00:49:18 GMT

GET
H2 200 config.js
analytics.tiktok.com/i18n/pixel/ 887 B
962 B 105ms
105ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BV1D962D4EIVEV2IMTRG&hostname=legionproducers.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV1D962D4EIVEV2IMTRG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-akamai-request-id: 19a9a654
date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=97
content-length: 354
pragma: no-cache
server: nginx
x-tt-logid: 202203220049180101130062432436CB26
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 97,2.16.186.230
x-tt-trace-host: 018debac48b254c96e084d365932782b4d67c0f8ff341894f53305141dc494f73447776d68770dd9db7d23e884dd97317d6166cd332c57b187a53e1db6cfa6342e961e702fee5ef58d64ee84c55aa3c9f5f707e4e38ded7e90d74788d1d994428f
expires: Tue, 22 Mar 2022 00:49:18 GMT

GET
H2 200 /
c.deadlinefunnel.com/identify/ 397 B
843 B 328ms
103ms Fetch
application/json 54.161.245.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c.deadlinefunnel.com/identify/?callback=callDFJsonP&domain=https%3A%2F%2Fdeadlinefunnel.com&clientUrl=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&debug=false&showCountdownNow=0&redisDomain=https%3A%2F%2Fc.deadlinefunnel.com&userIdHash=eyJpdiI6IkNsRHF1XC84amlRbUh0T2RiU3RQZTVBPT0iLCJ2YWx1ZSI6IjNmclNoTiszOXNlUTdUdkYzdkt2RUE9PSIsIm1hYyI6ImUxYTAzNWYxZWI0ZWFlMDM5MzNhMzM4Mjk0NmRhODU1ZTcyMmIzOWI5ODM3MTZkYzAxZWY4NTNkOWMyMzU4NWUifQ&pageFromUrl=aHR0cHM6Ly9sZWdpb25wcm9kdWNlcnMuY29tL3Bmcy1saXZlLXJlZ2lzdHJhdGlvbi1h&parentPageFromUrl=&=&promocode=undefined
Requested by: Host: a.deadlinefunnel.com
URL: https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6IkNsRHF1XC84amlRbUh0T2RiU3RQZTVBPT0iLCJ2YWx1ZSI6IjNmclNoTiszOXNlUTdUdkYzdkt2RUE9PSIsIm1hYyI6ImUxYTAzNWYxZWI0ZWFlMDM5MzNhMzM4Mjk0NmRhODU1ZTcyMmIzOWI5ODM3MTZkYzAxZWY4NTNkOWMyMzU4NWUifQ==&pageFromUrl=aHR0cHM6Ly9sZWdpb25wcm9kdWNlcnMuY29tL3Bmcy1saXZlLXJlZ2lzdHJhdGlvbi1h&parentPageFromUrl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.245.173 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-245-173.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:18 GMT
x-powered-by: Express
content-length: 397
content-type: application/json; charset=utf-8

GET
H2 200 /
c.deadlinefunnel.com/identify/ 397 B
849 B 339ms
118ms Fetch
application/json 54.161.245.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c.deadlinefunnel.com/identify/?callback=callDFJsonP&domain=https%3A%2F%2Fdeadlinefunnel.com&clientUrl=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&debug=false&showCountdownNow=0&redisDomain=https%3A%2F%2Fc.deadlinefunnel.com&userIdHash=eyJpdiI6IkNsRHF1XC84amlRbUh0T2RiU3RQZTVBPT0iLCJ2YWx1ZSI6IjNmclNoTiszOXNlUTdUdkYzdkt2RUE9PSIsIm1hYyI6ImUxYTAzNWYxZWI0ZWFlMDM5MzNhMzM4Mjk0NmRhODU1ZTcyMmIzOWI5ODM3MTZkYzAxZWY4NTNkOWMyMzU4NWUifQ&pageFromUrl=aHR0cHM6Ly9sZWdpb25wcm9kdWNlcnMuY29tL3Bmcy1saXZlLXJlZ2lzdHJhdGlvbi1h&parentPageFromUrl=&=&promocode=undefined
Requested by: Host: a.deadlinefunnel.com
URL: https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6IkNsRHF1XC84amlRbUh0T2RiU3RQZTVBPT0iLCJ2YWx1ZSI6IjNmclNoTiszOXNlUTdUdkYzdkt2RUE9PSIsIm1hYyI6ImUxYTAzNWYxZWI0ZWFlMDM5MzNhMzM4Mjk0NmRhODU1ZTcyMmIzOWI5ODM3MTZkYzAxZWY4NTNkOWMyMzU4NWUifQ==&pageFromUrl=aHR0cHM6Ly9sZWdpb25wcm9kdWNlcnMuY29tL3Bmcy1saXZlLXJlZ2lzdHJhdGlvbi1h&parentPageFromUrl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.245.173 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-245-173.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:18 GMT
x-powered-by: Express
content-length: 397
content-type: application/json; charset=utf-8

GET
H3 200 i
tr.snapchat.com/cm/ Frame 92D9 0
12 B 39ms
23ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=5f29241a-0f01-4abf-8e04-75dfdf393da8

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/

Response headers

server: nginx/1.19.6
date: Tue, 22 Mar 2022 00:49:18 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 elc
collector.leaddyno.com// 94 B
215 B 102ms
102ms Script
application/javascript 34.205.136.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.leaddyno.com//elc?url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&referrer=&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&js=true&ld_t=7ed9bc16-4f5e-4bf7-fc42-57de4f75e8f1&ld_ext=&ld_fp=3977134471&channel=&key=cc009cc9268723dcc76b371bb0347ba9e74ce226&callback=__LDCB_1647910158613_453911

Requested by

Host: static.leaddyno.com
URL: https://static.leaddyno.com/js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.136.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-136-113.compute-1.amazonaws.com

Software

nginx/1.10.3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3
content-type: application/javascript;charset=utf-8

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 34B7 2 KB
1 KB 26ms
8ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1414462.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: VfhhWKRFXX3x_n3kWiBOrZ_qkHnde1zAB2Cc79wSYIfpXhmY0fY3NA==
age: 3945432

GET
H2 200 tfa.js
cdn.taboola.com/libtrc/unip/1301251/ 55 KB
17 KB 216ms
194ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1301251/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M49FWS6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: l.7HkBlqbXCW9zD8AQyRu9mH.pKwCl7i
content-encoding: gzip
etag: "0ed6973769435e3b4025035014372ff5"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17363
x-amz-id-2: vryScduPm/Z1JH29x5+DVS/X37c4kVwI7MMKCnrHnRtSNmMq5Z/YK/qp0kHFeWIsYjyixQto9Cs=
x-served-by: cache-hhn4073-HHN
last-modified: Sun, 20 Mar 2022 11:08:16 GMT
server: AmazonS3
x-timer: S1647910159.659642,VS0,VE188
date: Tue, 22 Mar 2022 00:49:18 GMT
vary: Accept-Encoding
x-amz-request-id: Q4N7WE8WGVBVJ6NV
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 35
x-cache-hits: 1

POST
H3 200 collect
www.google-analytics.com/j/ 2 B
22 B 47ms
46ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1963442398&t=pageview&_s=1&dl=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&ul=en-us&de=UTF-8&dt=Producer%20Training&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1317266490&gjid=1847795345&cid=981486969.1647910158&tid=UA-161465558-2&_gid=537655568.1647910158&_r=1&gtm=2wg3e0M49FWS6&z=1034259482

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://legionproducers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://legionproducers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M49FWS6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4468
date: Mon, 21 Mar 2022 23:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Mar 2022 01:34:50 GMT

GET
H2 200 track.js
cdn.funnelytics.io/ 9 KB
3 KB 39ms
7ms Script
application/javascript 143.204.98.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.funnelytics.io/track.js
Requested by: Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-81.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 00:55:55 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 16:42:53 GMT
server: AmazonS3
age: 86003
etag: W/"4ae1baef1263c1a5a4d1b46c51016daa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: l_hIzqLYbe7sGlod4qFYfG4fwDTbzvpOooAA3lrSk_v1hNsf0UKc0A==

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
444 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-161465558-2&cid=981486969.1647910158&jid=1777809509&gjid=297560858&_gid=537655568.1647910158&_u=YEBAAUAAAAAAAC~&z=1461960030

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://legionproducers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Mar 2022 00:49:18 GMT
content-type: text/plain
access-control-allow-origin: https://legionproducers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 p
tr.snapchat.com/ Frame 5156 0
15 B 30ms
29ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://legionproducers.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/

Response headers

server: nginx/1.19.6
date: Tue, 22 Mar 2022 00:49:18 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013875938/ 2 KB
2 KB 141ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1013875938/?random=1647910158686&cv=9&fst=1647910158686&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&tiba=Producer%20Training&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1042
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
prism.app-us1.com/ 248 B
393 B 195ms
194ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=224028943&u=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.28
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 77
cf-ray: 6efaed3bdabc9c07-FRA

GET
H3 200 509219373101997
connect.facebook.net/signals/config/ 307 KB
87 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/509219373101997?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Onhc2sk8CuSva8KPFU9kodrrqI6R4/UD9iLoo645ROOVfnKW+YUFie5qosh220BWsEowJMp9jRYRbC/gdeoWmg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 22 Mar 2022 00:49:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=606954326304688&ev=PageView&dl=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&rl=&if=false&ts=1647910158696&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22351714805934517%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22vehicle%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221222569891459779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%22Thursday%202%20pm%20PST%20%2F%205%20pm%20EST%22%7D%7D&fbp=fb.1.1647910158695.741507405&it=1647910158356&coo=false&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:18 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
571 B 105ms
105ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV1D962D4EIVEV2IMTRG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: https://legionproducers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:18 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220322004918010113006069164CFA06
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 98,2.16.186.230
x-tt-trace-host: 018debac48b254c96e084d365932782b4d67c0f8ff341894f53305141dc494f73447776d68770dd9db7d23e884dd97317d9c3204a4dc38138cd8e55ecf8d7126fb9d9e71d83092054f477c67e66ba1bac0dbea4734f8be03aa05780946a8e283c1
server-timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=0, origin; dur=98
x-akamai-request-id: 19a9a6c8
content-length: 0
expires: Tue, 22 Mar 2022 00:49:18 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
70 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-161465558-2&cid=981486969.1647910158&jid=1317266490&gjid=1847795345&_gid=537655568.1647910158&_u=aEDAAUABAAAAAC~&z=44716868

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://legionproducers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Mar 2022 00:49:18 GMT
content-type: text/plain
access-control-allow-origin: https://legionproducers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 sessions
track-v2.funnelytics.io/ 50 B
261 B 445ms
242ms XHR
application/json 35.183.138.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track-v2.funnelytics.io/sessions
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.183.138.154 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-183-138-154.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://legionproducers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:19 GMT
x-amzn-requestid: 644ef04b-ad47-4fd2-8256-a85af418078f
x-amz-apigw-id: PXF6XGXR4osF34Q=
x-amzn-trace-id: Root=1-62391d0e-62a6f01172c2a6bb06cf1490;Sampled=0
content-length: 50
content-type: application/json

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 143ms
53ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-161465558-2&cid=981486969.1647910158&jid=1777809509&_u=YEBAAUAAAAAAAC~&z=840682217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 140ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-161465558-2&cid=981486969.1647910158&jid=1777809509&_u=YEBAAUAAAAAAAC~&z=840682217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 140ms
52ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-161465558-2&cid=981486969.1647910158&jid=1317266490&_u=aEDAAUABAAAAAC~&z=1606919782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 139ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-161465558-2&cid=981486969.1647910158&jid=1317266490&_u=aEDAAUABAAAAAC~&z=1606919782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data
in.hotjar.com/api/v2/client/sites/1414462/ 146 B
321 B 102ms
35ms XHR
application/json 99.80.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1414462/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.58.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-58-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://legionproducers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 485199886499651
connect.facebook.net/signals/config/ 307 KB
87 KB 87ms
87ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/485199886499651?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ErF9qIOm0wjrh3G4jHaShybbgiaRI71jjacl1oeiS7iIxCsdnrMVrQ6+hkAvEcWsZrTmBpEqYO7+0xCtuRhzkg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 22 Mar 2022 00:49:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509219373101997&ev=PageView&dl=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&rl=&if=false&ts=1647910158777&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647910158695.741507405&it=1647910158356&coo=false&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:18 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1013875938/ 42 B
154 B 55ms
54ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1013875938/?random=1647910158686&cv=9&fst=1647907200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&tiba=Producer%20Training&async=1&fmt=3&is_vtc=1&random=4052556345&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1013875938/ 42 B
154 B 55ms
55ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1013875938/?random=1647910158686&cv=9&fst=1647907200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&tiba=Producer%20Training&async=1&fmt=3&is_vtc=1&random=4052556345&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json
trc.taboola.com/1301251/trc/3/ 2 KB
1 KB 35ms
28ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1301251/trc/3/json?tim=1647910158863&data=%7B%22id%22%3A990%2C%22ii%22%3A%22%2Fpfs-live-registration-a%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1647910158858%2C%22cv%22%3A%2220220317-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmidimoney-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1647910158862%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A56%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1301251/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 22
date: Tue, 22 Mar 2022 00:49:18 GMT
content-encoding: gzip
server: nginx
x-timer: S1647910159.878597,VS0,VE22
x-served-by: cache-hhn4073-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3 200 231240854302800
connect.facebook.net/signals/config/ 307 KB
87 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/231240854302800?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: YaHmHmY81rbmbU500GEjTE5kZ2yh3gdx6nr4zm2JAt+tdX1ftYzzazlOYf2dsKddQt+EDDB8DeODAh7tBfkm3A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 22 Mar 2022 00:49:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=485199886499651&ev=PageView&dl=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&rl=&if=false&ts=1647910158884&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647910158695.741507405&it=1647910158356&coo=false&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:18 GMT

GET
H2 200 t_prism_sitemessages.php
trackcmp.net/ 0
362 B 140ms
110ms Script
text/javascript 2606:4700::6812:c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=224028943&prismid=418570cb-bd21-4aad-8870-789333a4d5f2&url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.1.33
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 6efaed3d4baa9b8e-FRA
content-length: 0

GET
H2 200 /
deadlinefunnel.com/deadline-tracking/ 5 KB
5 KB 341ms
332ms Fetch
application/json 54.161.245.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deadlinefunnel.com/deadline-tracking/?callback=processJson&domain=https%3A%2F%2Fdeadlinefunnel.com&clientUrl=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&debug=false&showCountdownNow=0&redisDomain=https%3A%2F%2Fc.deadlinefunnel.com&userIdHash=eyJpdiI6IkNsRHF1XC84amlRbUh0T2RiU3RQZTVBPT0iLCJ2YWx1ZSI6IjNmclNoTiszOXNlUTdUdkYzdkt2RUE9PSIsIm1hYyI6ImUxYTAzNWYxZWI0ZWFlMDM5MzNhMzM4Mjk0NmRhODU1ZTcyMmIzOWI5ODM3MTZkYzAxZWY4NTNkOWMyMzU4NWUifQ&pageFromUrl=aHR0cHM6Ly9sZWdpb25wcm9kdWNlcnMuY29tL3Bmcy1saXZlLXJlZ2lzdHJhdGlvbi1h&parentPageFromUrl=&=&promocode=undefined&dfPages=%5B%7B%22type%22%3A%22dynamic%22%2C%22url%22%3A%22https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a%22%2C%22id%22%3A%221619668902-90c28599-0ada-446e-b917-7db9a09a4488%22%2C%22user_hash%22%3A%2207db657c80%22%2C%22after_url%22%3A%22%22%2C%22promotion_id%22%3A%2268875%22%7D%2C%7B%22type%22%3A%22countdown%22%2C%22url%22%3A%22https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a%22%2C%22id%22%3A%221616980528-9534d5c2-68ba-401b-b799-0a5f18035e13%22%2C%22user_hash%22%3A%2207db657c80%22%2C%22after_url%22%3A%22%22%2C%22promotion_id%22%3A%2268875%22%7D%5D
Requested by: Host: a.deadlinefunnel.com
URL: https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6IkNsRHF1XC84amlRbUh0T2RiU3RQZTVBPT0iLCJ2YWx1ZSI6IjNmclNoTiszOXNlUTdUdkYzdkt2RUE9PSIsIm1hYyI6ImUxYTAzNWYxZWI0ZWFlMDM5MzNhMzM4Mjk0NmRhODU1ZTcyMmIzOWI5ODM3MTZkYzAxZWY4NTNkOWMyMzU4NWUifQ==&pageFromUrl=aHR0cHM6Ly9sZWdpb25wcm9kdWNlcnMuY29tL3Bmcy1saXZlLXJlZ2lzdHJhdGlvbi1h&parentPageFromUrl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.245.173 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-245-173.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:19 GMT
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
expires: Tue, 04 Sep 2012 05:32:29 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store, private, proxy-revalidate
x-ua-compatible: IE=Edge
x-served-by: deadlinefunnel.com

GET
H2 200 /
deadlinefunnel.com/deadline-tracking/ 5 KB
5 KB 324ms
324ms Fetch
application/json 54.161.245.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deadlinefunnel.com/deadline-tracking/?callback=processJson&domain=https%3A%2F%2Fdeadlinefunnel.com&clientUrl=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&debug=false&showCountdownNow=0&redisDomain=https%3A%2F%2Fc.deadlinefunnel.com&userIdHash=eyJpdiI6IkNsRHF1XC84amlRbUh0T2RiU3RQZTVBPT0iLCJ2YWx1ZSI6IjNmclNoTiszOXNlUTdUdkYzdkt2RUE9PSIsIm1hYyI6ImUxYTAzNWYxZWI0ZWFlMDM5MzNhMzM4Mjk0NmRhODU1ZTcyMmIzOWI5ODM3MTZkYzAxZWY4NTNkOWMyMzU4NWUifQ&pageFromUrl=aHR0cHM6Ly9sZWdpb25wcm9kdWNlcnMuY29tL3Bmcy1saXZlLXJlZ2lzdHJhdGlvbi1h&parentPageFromUrl=&=&promocode=undefined&dfPages=%5B%7B%22type%22%3A%22dynamic%22%2C%22url%22%3A%22https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a%22%2C%22id%22%3A%221619668902-90c28599-0ada-446e-b917-7db9a09a4488%22%2C%22user_hash%22%3A%2207db657c80%22%2C%22after_url%22%3A%22%22%2C%22promotion_id%22%3A%2268875%22%7D%2C%7B%22type%22%3A%22countdown%22%2C%22url%22%3A%22https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a%22%2C%22id%22%3A%221616980528-9534d5c2-68ba-401b-b799-0a5f18035e13%22%2C%22user_hash%22%3A%2207db657c80%22%2C%22after_url%22%3A%22%22%2C%22promotion_id%22%3A%2268875%22%7D%5D
Requested by: Host: a.deadlinefunnel.com
URL: https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6IkNsRHF1XC84amlRbUh0T2RiU3RQZTVBPT0iLCJ2YWx1ZSI6IjNmclNoTiszOXNlUTdUdkYzdkt2RUE9PSIsIm1hYyI6ImUxYTAzNWYxZWI0ZWFlMDM5MzNhMzM4Mjk0NmRhODU1ZTcyMmIzOWI5ODM3MTZkYzAxZWY4NTNkOWMyMzU4NWUifQ==&pageFromUrl=aHR0cHM6Ly9sZWdpb25wcm9kdWNlcnMuY29tL3Bmcy1saXZlLXJlZ2lzdHJhdGlvbi1h&parentPageFromUrl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.245.173 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-245-173.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:19 GMT
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
expires: Tue, 04 Sep 2012 05:32:29 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store, private, proxy-revalidate
x-ua-compatible: IE=Edge
x-served-by: deadlinefunnel.com

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=231240854302800&ev=PageView&dl=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&rl=&if=false&ts=1647910158993&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647910158695.741507405&it=1647910158356&coo=false&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:18 GMT

POST steps
track-v2.funnelytics.io/ 0
0

GET
H2 200 62bcf0c9-e0f9-4570-81f5-61b179368d4b
track-v2.funnelytics.io/settings/ 122 B
332 B 145ms
144ms XHR
application/json 35.183.138.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track-v2.funnelytics.io/settings/62bcf0c9-e0f9-4570-81f5-61b179368d4b
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.183.138.154 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-183-138-154.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:19 GMT
x-amzn-requestid: 41c554a8-a21c-48c3-8286-1ec0832e9e24
x-amz-apigw-id: PXF6aHvmYosFyPA=
x-amzn-trace-id: Root=1-62391d0f-69e8565b2bca3c636e9259c6;Sampled=0
content-length: 122
content-type: application/json

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=606954326304688&ev=Microdata&dl=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&rl=&if=false&ts=1647910159208&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Producer%20Training%22%2C%22meta%3Adescription%22%3A%22How%20We%20Sold%20Over%20%241%2C258%2C367%20Of%20Beats%20Online%20EACH...%20%5CnWith-OUT%20Relying%20On%20Tons%20Of%20Subscribers%20Or%20Followers%5Cn...And%20How%20You%20Can%20Clone%20Our%20System%20With%20A%20Couple%20Mouse%20Clicks%20By%20Following%20These%203%20%27Hidden%27%20Secrets!%20%22%2C%22meta%3Akeywords%22%3A%22how%20to%20sell%20beats%20online%2C%20producer%20training%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Flegionproducers.com%2Fhosted%2Fimages%2F82%2F3bb6f452d84ac5a41342bfe03d3cda%2Flegion-producers-and-modern-producers-banner.jpg%22%2C%22og%3Atitle%22%3A%22Producer%20Training%22%2C%22og%3Adescription%22%3A%22How%20We%20Sold%20Over%20%241%2C258%2C367%20Of%20Beats%20Online%20EACH...%20%5CnWith-OUT%20Relying%20On%20Tons%20Of%20Subscribers%20Or%20Followers%5Cn...And%20How%20You%20Can%20Clone%20Our%20System%20With%20A%20Couple%20Mouse%20Clicks%20By%20Following%20These%203%20%27Hidden%27%20Secrets!%20%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647910158695.741507405&it=1647910158356&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:19 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509219373101997&ev=Microdata&dl=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&rl=&if=false&ts=1647910159278&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Producer%20Training%22%2C%22meta%3Adescription%22%3A%22How%20We%20Sold%20Over%20%241%2C258%2C367%20Of%20Beats%20Online%20EACH...%20%5CnWith-OUT%20Relying%20On%20Tons%20Of%20Subscribers%20Or%20Followers%5Cn...And%20How%20You%20Can%20Clone%20Our%20System%20With%20A%20Couple%20Mouse%20Clicks%20By%20Following%20These%203%20%27Hidden%27%20Secrets!%20%22%2C%22meta%3Akeywords%22%3A%22how%20to%20sell%20beats%20online%2C%20producer%20training%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Flegionproducers.com%2Fhosted%2Fimages%2F82%2F3bb6f452d84ac5a41342bfe03d3cda%2Flegion-producers-and-modern-producers-banner.jpg%22%2C%22og%3Atitle%22%3A%22Producer%20Training%22%2C%22og%3Adescription%22%3A%22How%20We%20Sold%20Over%20%241%2C258%2C367%20Of%20Beats%20Online%20EACH...%20%5CnWith-OUT%20Relying%20On%20Tons%20Of%20Subscribers%20Or%20Followers%5Cn...And%20How%20You%20Can%20Clone%20Our%20System%20With%20A%20Couple%20Mouse%20Clicks%20By%20Following%20These%203%20%27Hidden%27%20Secrets!%20%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647910158695.741507405&it=1647910158356&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://legionproducers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:19 GMT

POST rum
legionproducers.com/cdn-cgi/ 0
0

GET
H2 200 lander.css
get.producersecrets.com/assets/ 425 KB
70 KB 42ms
41ms Stylesheet
text/css 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.producersecrets.com/assets/lander.css

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/pfs-instant-web-reg-b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 450
last-modified: Wed, 16 Mar 2022 16:41:47 GMT
server: cloudflare
etag: W/"6232134b-6a514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 6efaed404a13916b-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 22 Mar 2022 01:09:19 GMT

GET
H3 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 21ms
20ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1845324
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6Y8PV89KC9XPDZ8T
x-amz-id-2: CFX12FCvmZfEL+oB8PSM7BkmXntBiIF/Cy4Nwcxa2rCvbH0f99j2xL2eaLpYcI1CUjOY8b8jPi8=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIbDFtxFXOblq8B5Q%2F0Fb7qam96lLvC6JECuwP6O1MHbayKuiazNUFc2nbw4ktVWsQZmpxJPzh5LPWo52jXzNPEXQ8HPJ%2BlxwSJGpwpuQYXnNh2cEzL3qf3STKDcn0lJIdkpoFNccUwxzcpqWe5zoMPB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6efaed404d3590fb-FRA

GET
H3 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
5 KB 20ms
19ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1845292
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3ZFDB02TPD04KVSM
x-amz-id-2: Q+Yh9NWtHdNxTeGbi5Jy5M0eTfqcF+g9vq1am4/JhekyhOp4pfLm/0vFAqiRelD4miD66BZWdjI=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orddg476%2FcP0CHUHO4tExwb1X9NoFvhyzxH7kzadQ3wgYmC3VpQqzTlg4Vi69GM6wCZNMCINNArGDDSyujkwGfKhj47siY7XcnGoE7OH1BiocIoDTmiPPQSmYgkrVJz6NvAZzmNRRrzvGuv20RDOTVv4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6efaed404d3790fb-FRA

GET
H3 200 css
fonts.googleapis.com/ 45 KB
2 KB 49ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0e6d137466ec7e752df8a3668e0e3a407c603957d940b6451a63853d9d7129f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 23:51:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Mar 2022 00:49:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Mar 2022 00:49:19 GMT

GET
H2 200 application.js Show response
get.producersecrets.com/assets/userevents/ 5 KB
2 KB 55ms
55ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.producersecrets.com/assets/userevents/application.js

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/pfs-instant-web-reg-b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 439
last-modified: Wed, 16 Mar 2022 16:41:47 GMT
server: cloudflare
etag: W/"6232134b-1353"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 6efaed404a16916b-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 22 Mar 2022 01:09:19 GMT

GET
H2 200 js Show response
static.leaddyno.com/ 41 KB
10 KB 7ms
7ms Script
application/javascript 143.204.98.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leaddyno.com/js
Requested by: Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-57.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 259c4207a413e9b1ed73ba62a775ee5134d1bb1b086379ab98f82f8814f6beaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:28:30 GMT
content-encoding: gzip
last-modified: Fri, 11 Mar 2022 15:29:07 GMT
server: AmazonS3
age: 45219
etag: W/"8832f334a0c0c9974b3a4fe34e5b46fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: VU6qeOzjfg64U2Tkqfke_Ib81TweYPk2MlzJV7Dldj7VWWVi3pyJOg==

GET
H2 200 806072319577753.js Show response
widget.manychat.com/ 4 KB
2 KB 30ms
7ms Script
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.manychat.com/806072319577753.js
Requested by: Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash: 5f9e9492a4ed26f958663921d94477c152942502c3c565dde3ae377fe9759a2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
cache-control: no-store
server: openresty/1.19.9.1
content-encoding: gzip
content-type: text/plain; charset=utf-8

GET
H2 200 8aa7672d-2d4-aceb4 Show response
app.marketermagic.com/api/clickproof/1062c2e8-0b1-cd075/ 16 B
657 B 233ms
233ms Script
text/html 52.32.96.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.marketermagic.com/api/clickproof/1062c2e8-0b1-cd075/8aa7672d-2d4-aceb4
Requested by: Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.96.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-96-222.us-west-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: da9422432aef50808228f7f81e8102425401fc0b642cd460bc0070a622584bae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
server: Apache/2.4.29 (Ubuntu)
x-ratelimit-remaining: 58
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 60
access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization, X-CSRF-TOKEN
content-length: 16

GET
H2 200 closemodal.png
www.clickfunnels.com/images/ 672 B
789 B 44ms
44ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.clickfunnels.com/images/closemodal.png

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 10054
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
last-modified: Wed, 16 Mar 2022 16:41:47 GMT
server: cloudflare
etag: "6232134b-314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 22 Apr 2022 00:49:19 GMT
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6efaed41cf0a5c4a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: imgq:100,h2pri

GET
H2 200 Midi-Money-Logo-from-Podcast-logo-.png
get.producersecrets.com/hosted/images/75/01f80b5bba4d0aae3506a7ec56668d/ 113 KB
113 KB 84ms
80ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.producersecrets.com/hosted/images/75/01f80b5bba4d0aae3506a7ec56668d/Midi-Money-Logo-from-Podcast-logo-.png
Requested by: Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83540b53b0e50bf5d3265ff68f2c23018e23e3eaedee9c19227773dd7897abec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/pfs-instant-web-reg-b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Jul 2020 21:23:16 GMT
server: cloudflare
x-amz-cf-pop: MRS52-C2
etag: "f190a2b03ed7169e8755c1287acb4d8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=115839
accept-ranges: bytes
cf-ray: 6efaed41dbad916b-FRA
content-length: 115691
cf-bgj: imgq:85,h2pri

GET
H2 200 GABE-ANNO-title-comp-3-5-20-1-1-1-.png
get.producersecrets.com/hosted/images/1e/a95b0e4b7744e581beb426be27e632/ 44 KB
45 KB 87ms
83ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.producersecrets.com/hosted/images/1e/a95b0e4b7744e581beb426be27e632/GABE-ANNO-title-comp-3-5-20-1-1-1-.png
Requested by: Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe5863f92617d0561ff5f0ec9ffcff7e1ebc9e1d064f07f8d1b0a84a82c4f387

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/pfs-instant-web-reg-b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 07 Jan 2021 20:47:41 GMT
server: cloudflare
x-amz-cf-pop: MRS52-C2
etag: "02986cbfc2e331064aa5cbfd3344576b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=45671
accept-ranges: bytes
cf-ray: 6efaed41dbae916b-FRA
content-length: 45528
cf-bgj: imgq:85,h2pri

GET
H3 200 css
fonts.googleapis.com/ 2 KB
519 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%7CRaleway%7C

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bbb558bcc73c6ec7de1a3bfee854935d2acb54b5055f49347a47fff164c2ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 00:49:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Mar 2022 00:49:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Mar 2022 00:49:19 GMT

GET
H2 200 lander.js Show response
get.producersecrets.com/assets/ 2 MB
663 KB 45ms
44ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.producersecrets.com/assets/lander.js

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1ad839306357e24afe0a9e6fadbf0f60f724fde80b1878c33d38caead92210

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/pfs-instant-web-reg-b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 467
last-modified: Wed, 16 Mar 2022 16:45:28 GMT
server: cloudflare
etag: W/"62321428-238190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 6efaed40eade916b-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 22 Mar 2022 01:09:19 GMT

GET
H2 200 mailcheck.min.js Show response
app.clickfunnels.com/ 3 KB
1 KB 46ms
43ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/mailcheck.min.js

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6726
last-modified: Wed, 16 Mar 2022 16:41:47 GMT
server: cloudflare
etag: W/"6232134b-a8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6efaed41de189293-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 pushcrew.js Show response
app.clickfunnels.com/assets/ 637 B
469 B 39ms
35ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/pushcrew.js

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 195
last-modified: Wed, 16 Mar 2022 16:41:46 GMT
server: cloudflare
etag: W/"6232134a-27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 6efaed41de1a9293-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 22 Mar 2022 01:09:19 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 55ms
52ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-161465558-3

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

727201e0fb2ef8f6e1022b0ec13ac0fa55f74c8ca069d8095c8deb1a28f6c4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36854
x-xss-protection: 0
expires: Tue, 22 Mar 2022 00:49:19 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 46ms
43ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://get.producersecrets.com/
Origin: https://get.producersecrets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6efaed41d8ce9030-FRA

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 87ms
39ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.leaddyno.com
URL: https://static.leaddyno.com/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 11:16:00 GMT

GET
H2 200 visit Show response
collector.leaddyno.com/ 46 B
227 B 105ms
102ms Script
application/javascript 34.205.136.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.leaddyno.com/visit?url=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&referrer=https%3A%2F%2Flegionproducers.com%2F&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&js=true&ld_t=ff24fe1d-ddd1-4051-e8e4-ce1985293a9b&ld_ext=&ld_fp=3977134471&channel=&key=cc009cc9268723dcc76b371bb0347ba9e74ce226&callback=__LDCB_1647910159469_507410

Requested by

Host: static.leaddyno.com
URL: https://static.leaddyno.com/js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.136.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-136-113.compute-1.amazonaws.com

Software

nginx/1.10.3 /

Resource Hash

9d6fac745bf41271e834bc69dda83d9c8b8f50f112545d03c1bb33418082061b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3
content-type: application/javascript;charset=utf-8

GET
H2

200

x Show response
collector.leaddyno.com/
Redirect Chain

https://collector.leaddyno.com/x?key=cc009cc9268723dcc76b371bb0347ba9e74ce226&ld_fp=3977134471&ld_t=ff24fe1d-ddd1-4051-e8e4-ce1985293a9b&ts=1647910159469
https://collector.leaddyno.com/x?key=cc009cc9268723dcc76b371bb0347ba9e74ce226&ld_fp=3977134471

5 B
204 B

105ms
105ms

Script
application/javascript

34.205.136.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.leaddyno.com/x?key=cc009cc9268723dcc76b371bb0347ba9e74ce226&ld_fp=3977134471

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Server

34.205.136.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-136-113.compute-1.amazonaws.com

Software

nginx/1.10.3 /

Resource Hash

fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
cache-control: private, must-revalidate, proxy-revalidate
x-content-type-options: nosniff
server: nginx/1.10.3
etag: 87a0cab4-e4b9-422c-97b4-e6fac55fa252
content-length: 5
content-type: application/javascript;charset=utf-8

Redirect headers

date: Tue, 22 Mar 2022 00:49:19 GMT
x-content-type-options: nosniff
server: nginx/1.10.3
x-frame-options: SAMEORIGIN
content-type: text/html;charset=utf-8
location: https://collector.leaddyno.com/x?key=cc009cc9268723dcc76b371bb0347ba9e74ce226&ld_fp=3977134471
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 clickstream Show response
collector.leaddyno.com/ 46 B
227 B 110ms
107ms Script
application/javascript 34.205.136.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.leaddyno.com/clickstream?url=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&referrer=https%3A%2F%2Flegionproducers.com%2F&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&js=true&ld_t=ff24fe1d-ddd1-4051-e8e4-ce1985293a9b&ld_ext=&ld_fp=3977134471&channel=&key=cc009cc9268723dcc76b371bb0347ba9e74ce226&callback=__LDCB_1647910159469_644915&page_url=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&page_referrer=https%3A%2F%2Flegionproducers.com%2F

Requested by

Host: static.leaddyno.com
URL: https://static.leaddyno.com/js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.136.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-136-113.compute-1.amazonaws.com

Software

nginx/1.10.3 /

Resource Hash

c69e37446164811e4a95813075c091dc7c916c75779120e3c62fd501b226a40e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3
content-type: application/javascript;charset=utf-8

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 181 KB
64 KB 58ms
56ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M49FWS6

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efc13fb5bae3a040b9585c63965f093506df22c21cfb247b20bd5d54e52a9ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65631
x-xss-protection: 0
expires: Tue, 22 Mar 2022 00:49:19 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: s1MOwS5cluvf9UPA3QuwNkviOOuGQ490h11nCo0T1lTsCdHF0MRg//V/8+m+CWc64MC9ti30rSkkcSQUB7H3Yw==
x-frame-options: DENY
date: Tue, 22 Mar 2022 00:49:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-2015064.js Show response
static.hotjar.com/c/ 4 KB
2 KB 39ms
37ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2015064.js?sv=6

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

Resource Hash

227cc479688476d1b155feafd1927ef3084614600c708f622e18b72cda991050

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache-hit: 1
etag: W/3f9f76e2d1023076ae4ba42948fa41a1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 1893
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-id: YWpjv91mJXP31GDYsv5ppfREvTCK-fdMHCz-2SAc2qcvO4QLmvOF7w==

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
6 KB 50ms
8ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=bda30f4d-adfc-4639-baae-de0db7fd6c6c

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cb2c2aa2450f0fdc7251c8ed1cbda83c479d75c4748227b4b575a6f298b9ab68

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-oaFzn5GvCEfK14025KinaCRC46oQ5wVD5gHEx88ZL1YDLxZG' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-oaFzn5GvCEfK14025KinaCRC46oQ5wVD5gHEx88ZL1YDLxZG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 51185
x-cache: HIT
paypal-debug-id: f770636eadd73
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 5006
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4025-HHN
x-timer: S1647910160.692442,VS0,VE2
x-frame-options: SAMEORIGIN
date: Tue, 22 Mar 2022 00:49:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=3600
etag: W/"38a0-mlTkTszop1DGIy5gHLDVJmby4y0"
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 46 KB
46 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.producersecrets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:13:05 GMT
x-content-type-options: nosniff
age: 585374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 06:13:05 GMT

GET
H2 200 widget.js Show response
mccdn.me/assets/js/ 331 KB
92 KB 68ms
28ms Script
application/javascript 2606:4700:20::ac43:486c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mccdn.me/assets/js/widget.js
Requested by: Host: widget.manychat.com
URL: https://widget.manychat.com/806072319577753.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:486c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13bf4ec2c8a7bd0c997916034f90caff820018a002a6d93006a07105e82684e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Mar 2022 14:53:21 GMT
server: cloudflare
age: 6658
etag: W/"62389161-52c5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYg4dL2eoVSMdXtRRkxfzmgjNd3lknjZJkEBZ7bdHTYwb%2FKvgp%2Fv0JmGKBm88ihnJDm5nlOyLxtOvPcNVKwN6H6wZZ%2Bdih3ylrKb4IW1l6uN0N2fVKyEphUxvpJPuDzpxrsrkHE2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6efaed422e9e91d1-FRA

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v26/ 21 KB
21 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%7CRaleway%7C

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.producersecrets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 11:47:54 GMT
x-content-type-options: nosniff
age: 478885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21028
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:17:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 11:47:54 GMT

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 13 KB
14 KB 141ms
141ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin: https://get.producersecrets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M28WB2Q9RPX13BD3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13580
x-amz-id-2: oIRY3zM+HP6KxcrmL7zzPUBT33WqrEK1Eihong6nsw8dOUl298QQ3bIPropIIOp/pQYBrwkB5Pg=
last-modified: Wed, 30 Jun 2021 15:48:27 GMT
server: cloudflare
etag: "e07d9e40b26048d9abe2ef966cd6e263"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpEyA5nBtXQuqjJ4vnQh6pIK%2BNblMwQzG5HfjRPshMKx4%2BzEVYFiT4KIE%2FYdVKQkWQs9eJT1xHHaiUXfegBw4GOC7fz%2FUQmnPgXgIvxNlYFVuIiDUpF8gh%2BKJAJNu93Yl6ZZuHm0Gb7mCoV%2FxWiaTTvG"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6efaed4208e09030-FRA

GET
H2 200 vendor.js Show response
get.producersecrets.com/ 18 KB
6 KB 184ms
183ms Script
application/javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.producersecrets.com/vendor.js

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/pfs-instant-web-reg-b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
strict-transport-security: max-age=0
x-request-id: d00ce7e4bf6dd1192e05458063af655a
x-runtime: 0.016335
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
access-control-allow-credentials: true
cf-ray: 6efaed42cc8d916b-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: stale, valid, store

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
5 KB 22ms
22ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
etag: W/"4d482a43613d3966f353ec9d97452e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 81f818adbacff6b703252be1c8922598.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: SFO5-P1
cf-ray: 6efaed42c97a9c07-FRA
x-amz-cf-id: RRtcUxdFza08mdoAfIDDqsBl9Tf4JraKVX4aSiX-y4oIvZ2ktvNd9g==

GET
H2 200 reactunified.bundle.js Show response
a.deadlinefunnel.com/unified/ 630 KB
212 KB 19ms
19ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6IkNsRHF1XC84amlRbUh0T2RiU3RQZTVBPT0iLCJ2YWx1ZSI6IjNmclNoTiszOXNlUTdUdkYzdkt2RUE9PSIsIm1hYyI6ImUxYTAzNWYxZWI0ZWFlMDM5MzNhMzM4Mjk0NmRhODU1ZTcyMmIzOWI5ODM3MTZkYzAxZWY4NTNkOWMyMzU4NWUifQ==&pageFromUrl=aHR0cHM6Ly9nZXQucHJvZHVjZXJzZWNyZXRzLmNvbS9wZnMtaW5zdGFudC13ZWItcmVnLWI=&parentPageFromUrl=
Requested by: Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c87ac1b357ff49f0f5b5ffe768381a7ee1fffbd30768e420dd10b358b890926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: gzip
last-modified: Mon, 14 Mar 2022 14:41:16 GMT
server: AmazonS3
x-amz-request-id: WMPYFT2AJ3ZD5HWS
etag: "b30716af80f670fadc6444f2e1066e26"
x-hw: 1647910159.cds277.am5.hn,1647910159.cds129.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 217234
x-amz-id-2: u6519rtL4QLy6XJbk8foAPkAvGFTv2qps2J+09SSd89Pd+ZeeNFuHI7h/1YUN41xbnqfn/VqJnI=

GET /
track.addevent.com/atc/ 0
0

GET
H3 200 485199886499651 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/485199886499651?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f20423184e3b454c755a5db583793eb4fb21bbee7f76b38ac17c485a92844356

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89191
x-xss-protection: 0
pragma: public
x-fb-debug: ErF9qIOm0wjrh3G4jHaShybbgiaRI71jjacl1oeiS7iIxCsdnrMVrQ6+hkAvEcWsZrTmBpEqYO7+0xCtuRhzkg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 22 Mar 2022 00:49:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
308 B 437ms
437ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=SEFYOGh1QWVmQXMyNXkvWnZzZDJIQT09LS04ZG5JVk4wS3puVTRYc1hjT0FybFh3PT0%3D--72ebf5053548e08526032d7dce0201960624e7fd&page_id=WDdwOUU5SCtpcFF1VWxYWU10ZG5hUT09LS04OWNUdjBnbmtRcVJLVmp0NWlnN0JBPT0%3D--ff49892517d068631dfa61fa201129293e9b7ced&funnel_step_id=RzBUOWNSM0JJamdSc2lWZzY4Uk1rUT09LS1scEFYRENjaWJRaDN0aStzdWFYTFRnPT0%3D--b8ac149da539c5276547d40400b6fd70c8b55802&user_id=YXlaL21WdFFCdXFDUWF1bVRvUUVQQT09LS1oMkszclJWaEx0aDFZbnIzK3RwalpRPT0%3D--2394f692f3d96f9d9ea058634aa1a4fdeb95c843&account_id=ZjhDeGpwdjNjNTVCUVBCZ2lSMGRRdz09LS16VDBPUjVjeDJlTnlvYkkrY3FIUW93PT0%3D--e229fc3d0f2e3be57b61557e4dd23cdad287f54a&page_code=NDYwNzExMzM%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=803a9497-c77a-4ec5-9927-f8aeeed4dac3&url=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:20 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 7aaeeda77336279a7ce11d4692a300e6
x-runtime: 0.026632
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6efaed430c2e8fc8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
788 B 231ms
230ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=SEFYOGh1QWVmQXMyNXkvWnZzZDJIQT09LS04ZG5JVk4wS3puVTRYc1hjT0FybFh3PT0%3D--72ebf5053548e08526032d7dce0201960624e7fd&page_id=WDdwOUU5SCtpcFF1VWxYWU10ZG5hUT09LS04OWNUdjBnbmtRcVJLVmp0NWlnN0JBPT0%3D--ff49892517d068631dfa61fa201129293e9b7ced&funnel_step_id=RzBUOWNSM0JJamdSc2lWZzY4Uk1rUT09LS1scEFYRENjaWJRaDN0aStzdWFYTFRnPT0%3D--b8ac149da539c5276547d40400b6fd70c8b55802&user_id=YXlaL21WdFFCdXFDUWF1bVRvUUVQQT09LS1oMkszclJWaEx0aDFZbnIzK3RwalpRPT0%3D--2394f692f3d96f9d9ea058634aa1a4fdeb95c843&account_id=ZjhDeGpwdjNjNTVCUVBCZ2lSMGRRdz09LS16VDBPUjVjeDJlTnlvYkkrY3FIUW93PT0%3D--e229fc3d0f2e3be57b61557e4dd23cdad287f54a&page_code=NDYwNzExMzM%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=fcd2c814-9c50-49fb-bac3-e177bd7874a0&url=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:20 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: dad0f6e53f99caccd6bff25689b14288
x-runtime: 0.065149
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6efaed430c308fc8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
306 B 464ms
464ms XHR
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=SEFYOGh1QWVmQXMyNXkvWnZzZDJIQT09LS04ZG5JVk4wS3puVTRYc1hjT0FybFh3PT0%3D--72ebf5053548e08526032d7dce0201960624e7fd&page_id=WDdwOUU5SCtpcFF1VWxYWU10ZG5hUT09LS04OWNUdjBnbmtRcVJLVmp0NWlnN0JBPT0%3D--ff49892517d068631dfa61fa201129293e9b7ced&funnel_step_id=RzBUOWNSM0JJamdSc2lWZzY4Uk1rUT09LS1scEFYRENjaWJRaDN0aStzdWFYTFRnPT0%3D--b8ac149da539c5276547d40400b6fd70c8b55802&user_id=YXlaL21WdFFCdXFDUWF1bVRvUUVQQT09LS1oMkszclJWaEx0aDFZbnIzK3RwalpRPT0%3D--2394f692f3d96f9d9ea058634aa1a4fdeb95c843&account_id=ZjhDeGpwdjNjNTVCUVBCZ2lSMGRRdz09LS16VDBPUjVjeDJlTnlvYkkrY3FIUW93PT0%3D--e229fc3d0f2e3be57b61557e4dd23cdad287f54a&page_code=NDYwNzExMzM%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=d7ef1ae5-d9d1-49ac-be48-500f4100ebad&url=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:20 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 562ac653e8b6e02d53259b4324a33e1d
x-runtime: 0.034499
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6efaed430c318fc8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 7ms
7ms Script
application/javascript 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2015064.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-33.fra50.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1007233
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: cFlo9APL9IBzzwMY_SwM0uZoQivG1Crg5-Y1z4DdQl841j8ztEP4Ow==

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 46ms
11ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=bda30f4d-adfc-4639-baae-de0db7fd6c6c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F14) /

Resource Hash

a4b749626aab6395c52aed1a8016aa5f6c4c8ca60cf771c0d8ce54202a53e725

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 534bc45524ec5
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 16529
last-modified: Thu, 10 Mar 2022 18:16:31 GMT
server: ECAcc (frc/8F14)
etag: "622a407f-dad7"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 22 Mar 2022 01:49:19 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
690 B 189ms
150ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics%3A%3AG9UCM8HMZ4CLJ-1&page=muse%3Athird-party%3Aanalytics%3A%3AG9UCM8HMZ4CLJ-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=bda30f4d-adfc-4639-baae-de0db7fd6c6c&fltp=analytics&mrid=G9UCM8HMZ4CLJ&code=UNDEFINED&partner_name=UNDEFINED&flag_consume=yes&pt=Producer%20Training&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1647910159890&g=0&completeurl=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&ru=https%3A%2F%2Flegionproducers.com%2F

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E9E) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:20 GMT
content-type: image/gif
server: ECAcc (frc/8E9E)
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 126232fe6f0a8
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc=,x-cdn;desc=edgecast,edge;dur=144
timing-allow-origin: *
content-length: 42
expires: Tue, 22 Mar 2022 00:49:20 GMT

OPTIONS
H2 204 logEvent
manychat.com/pixel/ Frame 0
0 31ms
7ms Preflight
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://get.producersecrets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: openresty/1.19.9.1
date: Tue, 22 Mar 2022 00:49:19 GMT
access-control-allow-origin: https://get.producersecrets.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H2 200 logEvent Show response
manychat.com/pixel/ 15 B
146 B 8ms
7ms XHR
application/json 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Requested by: Host: mccdn.me
URL: https://mccdn.me/assets/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash: 52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5

Request headers

Referer: https://get.producersecrets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: gzip
server: openresty/1.19.9.1
content-type: application/json

GET
H3 200 css
fonts.googleapis.com/ 1 KB
407 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:600,500,400,300&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

279de3ccc487eb1584850a804dd089c08627b2aca28bf276abe15558c3186c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 23:59:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Mar 2022 00:49:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Mar 2022 00:49:19 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161465558-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4469
date: Mon, 21 Mar 2022 23:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Mar 2022 01:34:50 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1301251/ 55 KB
17 KB 9ms
9ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1301251/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M49FWS6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c3e8175c560c9a30ab1733cad3a19a3cea0b5126fed47e1923541e5957b1502

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: l.7HkBlqbXCW9zD8AQyRu9mH.pKwCl7i
content-encoding: gzip
etag: "0ed6973769435e3b4025035014372ff5"
age: 1
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17363
x-amz-id-2: vryScduPm/Z1JH29x5+DVS/X37c4kVwI7MMKCnrHnRtSNmMq5Z/YK/qp0kHFeWIsYjyixQto9Cs=
x-served-by: cache-hhn4073-HHN
last-modified: Sun, 20 Mar 2022 11:08:16 GMT
server: AmazonS3
x-timer: S1647910160.951395,VS0,VE0
date: Tue, 22 Mar 2022 00:49:19 GMT
vary: Accept-Encoding
x-amz-request-id: Q4N7WE8WGVBVJ6NV
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 35
x-cache-hits: 2

GET
H2 200 track.js Show response
cdn.funnelytics.io/ 9 KB
3 KB 9ms
7ms Script
application/javascript 143.204.98.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.funnelytics.io/track.js
Requested by: Host: connect.midimoney.com
URL: https://connect.midimoney.com/welcome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-81.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bda277a4ba0af74a71829d0503828c4f976d0c56187bf9dfb4f7c017d99179d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 00:55:55 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 16:42:53 GMT
server: AmazonS3
age: 86004
etag: W/"4ae1baef1263c1a5a4d1b46c51016daa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: MHQjco1jxbFfZaJ7YlbNeTQWGOHG9BGhY2hKaVCBCHkOmetwWSpi8g==

GET
H2 200 elc Show response
collector.leaddyno.com// 94 B
215 B 104ms
104ms Script
application/javascript 34.205.136.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.leaddyno.com//elc?url=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&referrer=https%3A%2F%2Flegionproducers.com%2F&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&js=true&ld_t=ff24fe1d-ddd1-4051-e8e4-ce1985293a9b&ld_ext=&ld_fp=3977134471&channel=&key=cc009cc9268723dcc76b371bb0347ba9e74ce226&callback=__LDCB_1647910159953_134651

Requested by

Host: static.leaddyno.com
URL: https://static.leaddyno.com/js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.136.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-136-113.compute-1.amazonaws.com

Software

nginx/1.10.3 /

Resource Hash

c60d4700be1e492c566e1605992f0b41adf82c73a9df71ece16ca8f0ea946dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3
content-type: application/javascript;charset=utf-8

GET
H3 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 297 KB
85 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: mccdn.me
URL: https://mccdn.me/assets/js/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6110aa2721ad0c6a7321227f9f57a3456fe8121eae40207f85df7e3944914ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: KEgNoixwJdObA8/laO14kQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86586
x-fb-rlafr: 0
x-fb-debug: X6clSTu9fn7+ETFpDZlaI/KQ1a7jJla89p6SoDnxuKKwx/tl18jZwT9AEXCYP3wP7wgOODivEyQ4KGPT/U2dbQ==
x-fb-content-md5: f9538b8d048e991a4c0ca40a85b3d47d
x-frame-options: DENY
date: Tue, 22 Mar 2022 00:49:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "49c5c2b02736d8154034e07f6f5f3774"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 22 Mar 2022 00:54:20 GMT

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 027C 2 KB
1 KB 8ms
7ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2015064.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DHl3QvGlA1yTEFIvk__LVK9TISyyQT_9yWz7N1c3kWEQrtYfuASQqA==
age: 3945433

GET
H2 200 json Show response
trc.taboola.com/1301251/trc/3/ 2 KB
1 KB 35ms
35ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1301251/trc/3/json?tim=1647910159974&data=%7B%22id%22%3A32%2C%22ii%22%3A%22%2Fpfs-instant-web-reg-a%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1647910159970%2C%22cv%22%3A%2220220317-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-a%22%2C%22e%22%3A%22https%3A%2F%2Flegionproducers.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmidimoney-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1647910159974%2C%22ref%22%3A%22https%3A%2F%2Flegionproducers.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A64%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1301251/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b4ab3acf6c046035b43a0909a10f0268dcbffd21e274d6e557a869301173a2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 18
date: Tue, 22 Mar 2022 00:49:19 GMT
content-encoding: gzip
server: nginx
x-timer: S1647910160.979915,VS0,VE18
x-served-by: cache-hhn4073-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H2 200 sessions Show response
track-v2.funnelytics.io/ 50 B
260 B 217ms
217ms XHR
application/json 35.183.138.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track-v2.funnelytics.io/sessions
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.183.138.154 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-183-138-154.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9ce85a3aef24dceaea003217706b4485c558b463e2677ddb1a49253b6ce6da73

Request headers

Referer: https://get.producersecrets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:20 GMT
x-amzn-requestid: 562abdf6-33c1-4c35-b9bb-86a28a71a6d7
x-amz-apigw-id: PXF6iF4u4osFRUQ=
x-amzn-trace-id: Root=1-62391d10-62c0c42245cbd5df4d38c1a4;Sampled=0
content-length: 50
content-type: application/json

GET /
prism.app-us1.com/ 0
0

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 3631 54 KB
17 KB 10ms
9ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F27) /

Resource Hash

1b8f3d676f1df1ca5867197fb16660fe565e70b9c6cd4176985a522df98e6d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: text/html
date: Tue, 22 Mar 2022 00:49:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "622a407f-d994"
expires: Tue, 22 Mar 2022 01:49:20 GMT
last-modified: Thu, 10 Mar 2022 18:16:31 GMT
paypal-debug-id: 5f0709d7e544f
server: ECAcc (frc/8F27)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 16790

GET
H3 200 606954326304688 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/606954326304688?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c80ca5e629c36e6624177204f362eb5cae65a6dcd10fea337857d8da9bd42701

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89341
x-xss-protection: 0
pragma: public
x-fb-debug: n/hRdpyo+w6Ije3ViUpgxnlPVEeX2/IJLvmsFNYME09ETfG9l3/VUrZDeEdbM2E190S0+KpoLCAqoa6oDnvZeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 22 Mar 2022 00:49:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=485199886499651&ev=PageView&dl=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&rl=https%3A%2F%2Flegionproducers.com%2F&if=false&ts=1647910160062&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647910160061.1012048332&it=1647910159822&coo=false&exp=p0&rqm=GET

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:20 GMT

GET
H2 200 / Show response
c.deadlinefunnel.com/identify/ 0
431 B 104ms
103ms Fetch
application/json 54.161.245.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c.deadlinefunnel.com/identify/?callback=callDFJsonP&domain=https%3A%2F%2Fdeadlinefunnel.com&clientUrl=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&debug=false&showCountdownNow=0&redisDomain=https%3A%2F%2Fc.deadlinefunnel.com&userIdHash=eyJpdiI6IkNsRHF1XC84amlRbUh0T2RiU3RQZTVBPT0iLCJ2YWx1ZSI6IjNmclNoTiszOXNlUTdUdkYzdkt2RUE9PSIsIm1hYyI6ImUxYTAzNWYxZWI0ZWFlMDM5MzNhMzM4Mjk0NmRhODU1ZTcyMmIzOWI5ODM3MTZkYzAxZWY4NTNkOWMyMzU4NWUifQ&pageFromUrl=aHR0cHM6Ly9nZXQucHJvZHVjZXJzZWNyZXRzLmNvbS9wZnMtaW5zdGFudC13ZWItcmVnLWI&parentPageFromUrl=&=&promocode=undefined
Requested by: Host: a.deadlinefunnel.com
URL: https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6IkNsRHF1XC84amlRbUh0T2RiU3RQZTVBPT0iLCJ2YWx1ZSI6IjNmclNoTiszOXNlUTdUdkYzdkt2RUE9PSIsIm1hYyI6ImUxYTAzNWYxZWI0ZWFlMDM5MzNhMzM4Mjk0NmRhODU1ZTcyMmIzOWI5ODM3MTZkYzAxZWY4NTNkOWMyMzU4NWUifQ==&pageFromUrl=aHR0cHM6Ly9nZXQucHJvZHVjZXJzZWNyZXRzLmNvbS9wZnMtaW5zdGFudC13ZWItcmVnLWI=&parentPageFromUrl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.245.173 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-245-173.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:20 GMT
x-powered-by: Express
content-length: 0
content-type: application/json; charset=utf-8

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 28ms
27ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=246441615530259&input_token&origin=1&redirect_uri=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: dWCTnHaAA8dWt0WcFOnCDoByWSfflx1kZei8PRRlm0XgCYQDWMRCGRTP0pHJ6dQL9Rr3jwbOxpPMN1PNeb0SMw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Tue, 22 Mar 2022 00:49:20 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://get.producersecrets.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
45ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1104327446&t=pageview&_s=1&dl=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&dr=https%3A%2F%2Flegionproducers.com%2F&ul=en-us&de=UTF-8&dt=Producer%20Training&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=802307773&gjid=76747477&cid=2132367441.1647910160&tid=UA-161465558-3&_gid=1020674422.1647910160&_r=1&gtm=2ou3e0&z=1792761703

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.producersecrets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.producersecrets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 48ms
48ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1104327446&t=pageview&_s=1&dl=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&dr=https%3A%2F%2Flegionproducers.com%2F&ul=en-us&de=UTF-8&dt=Producer%20Training&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=834083217&gjid=158040735&cid=2132367441.1647910160&tid=UA-161465558-2&_gid=1020674422.1647910160&_r=1&gtm=2wg3e0M49FWS6&z=1971313084

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.producersecrets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.producersecrets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 steps Show response
track-v2.funnelytics.io/ 47 B
257 B 238ms
238ms XHR
application/json 35.183.138.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track-v2.funnelytics.io/steps
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.183.138.154 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-183-138-154.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: ddad0c6bec8685037d48a31a2b4d42efcddfeb926c3f48dc00d5c6421b29e14a

Request headers

Referer: https://get.producersecrets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:20 GMT
x-amzn-requestid: 2e890c1e-48f4-4ce0-9653-e6a0a6d5a6b7
x-amz-apigw-id: PXF6kElfYosFxPg=
x-amzn-trace-id: Root=1-62391d10-2bc3174c26dcae363e363639;Sampled=0
content-length: 47
content-type: application/json

GET
H2 200 62bcf0c9-e0f9-4570-81f5-61b179368d4b Show response
track-v2.funnelytics.io/settings/ 122 B
333 B 142ms
142ms XHR
application/json 35.183.138.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track-v2.funnelytics.io/settings/62bcf0c9-e0f9-4570-81f5-61b179368d4b
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.183.138.154 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-183-138-154.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8e95829c2b156c3231d1e30717de4a83173a015641c26a7ab014fbbb0c43d232

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 22 Mar 2022 00:49:20 GMT
x-amzn-requestid: 704057f4-f293-4863-a42a-44b0b3287a04
x-amz-apigw-id: PXF6kFlRYosFsvw=
x-amzn-trace-id: Root=1-62391d10-0f66ef932555f20c7af77024;Sampled=0
content-length: 122
content-type: application/json

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2015064/ 146 B
320 B 38ms
37ms XHR
application/json 99.80.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2015064/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.58.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-58-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d

Request headers

Referer: https://get.producersecrets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 22 Mar 2022 00:49:20 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 ts
t.paypal.com/ 42 B
430 B 164ms
164ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AG9UCM8HMZ4CLJ-1&page=muse%3Aoffer%3A%3A%3AG9UCM8HMZ4CLJ-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=bda30f4d-adfc-4639-baae-de0db7fd6c6c&es=visitorInfoFlowStarted&mrid=G9UCM8HMZ4CLJ&code=UNDEFINED&partner_name=UNDEFINED&pt=Producer%20Training&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1647910160222&g=0&completeurl=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E9E) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:20 GMT
content-type: image/gif
server: ECAcc (frc/8E9E)
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 526016c0e4793
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc=,x-cdn;desc=edgecast,edge;dur=158
timing-allow-origin: *
content-length: 42
expires: Tue, 22 Mar 2022 00:49:20 GMT

GET
H3 200 509219373101997 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/509219373101997?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cbff89471680b231165c2c015da0ca694aae611fdeb4fc2bfd95b10c749809c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89175
x-xss-protection: 0
pragma: public
x-fb-debug: Onhc2sk8CuSva8KPFU9kodrrqI6R4/UD9iLoo645ROOVfnKW+YUFie5qosh220BWsEowJMp9jRYRbC/gdeoWmg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 22 Mar 2022 00:49:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=606954326304688&ev=PageView&dl=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&rl=https%3A%2F%2Flegionproducers.com%2F&if=false&ts=1647910160228&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22351714805934517%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22vehicle%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221222569891459779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%22Click%20For%20Instant%20Access%22%7D%7D&fbp=fb.1.1647910160061.1012048332&it=1647910159822&coo=false&exp=p0&rqm=GET

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:20 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 39ms
19ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-161465558-3&cid=2132367441.1647910160&jid=802307773&gjid=76747477&_gid=1020674422.1647910160&_u=YEBAAUAAAAAAAC~&z=237879371

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.producersecrets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Mar 2022 00:49:20 GMT
content-type: text/plain
access-control-allow-origin: https://get.producersecrets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 3631 434 B
2 KB 263ms
262ms Fetch
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

50f4cbcff097940d5811418399dbf652b908a60a428db151bfd0c6391f529821

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-gM8pipzN45tHDd0xgWuOyhHm462LxVh0Mj30ohnW5A3UUg9n' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-gM8pipzN45tHDd0xgWuOyhHm462LxVh0Mj30ohnW5A3UUg9n' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
vary: Accept-Encoding
x-cache: MISS
paypal-debug-id: f3008738125b9
date: Tue, 22 Mar 2022 00:49:20 GMT
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4025-HHN
x-timer: S1647910160.424453,VS0,VE256
x-frame-options: SAMEORIGIN
etag: W/"1b2-S/uhMr5RA0Bj7a0Ckj7WxbIhMkI"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 190ms
177ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f3008734b1c4c
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
date: Tue, 22 Mar 2022 00:49:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4062-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1647910160.247018,VS0,VE171
server-timing: content-encoding;desc="",x-cdn;desc="fastly"

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 36ms
19ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-161465558-2&cid=2132367441.1647910160&jid=834083217&gjid=158040735&_gid=1020674422.1647910160&_u=YEDAAUABAAAAAC~&z=1984221852

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.producersecrets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Mar 2022 00:49:20 GMT
content-type: text/plain
access-control-allow-origin: https://get.producersecrets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509219373101997&ev=PageView&dl=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&rl=https%3A%2F%2Flegionproducers.com%2F&if=false&ts=1647910160252&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647910160061.1012048332&it=1647910159822&coo=false&exp=p0&rqm=GET

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:20 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=532160876956612&ev=fb_page_view&dl=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&rl=https%3A%2F%2Flegionproducers.com%2F&if=false&ts=1647910160257&sw=1600&sh=1200

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:20 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 102ms
52ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-161465558-3&cid=2132367441.1647910160&jid=802307773&_u=YEBAAUAAAAAAAC~&z=2000908027

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 100ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-161465558-3&cid=2132367441.1647910160&jid=802307773&_u=YEBAAUAAAAAAAC~&z=2000908027

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 98ms
50ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-161465558-2&cid=2132367441.1647910160&jid=834083217&_u=YEDAAUABAAAAAC~&z=698152109

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 99ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-161465558-2&cid=2132367441.1647910160&jid=834083217&_u=YEDAAUABAAAAAC~&z=698152109

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 00:49:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=485199886499651&ev=Microdata&dl=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&rl=https%3A%2F%2Flegionproducers.com%2F&if=false&ts=1647910160564&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Producer%20Training%22%2C%22meta%3Adescription%22%3A%22How%20We%20Sold%20Over%20%241%2C258%2C367%20Of%20Beats%20Online%20EACH...%20%5CnWith-OUT%20Relying%20On%20Tons%20Of%20Subscribers%20Or%20Followers%5Cn...And%20How%20You%20Can%20Clone%20Our%20System%20With%20A%20Couple%20Mouse%20Clicks%20By%20Following%20These%203%20%27Hidden%27%20Secrets!%20%22%2C%22meta%3Akeywords%22%3A%22how%20to%20sell%20beats%20online%2C%20producer%20training%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fget.producersecrets.com%2Fhosted%2Fimages%2F1e%2Fa95b0e4b7744e581beb426be27e632%2FGABE-ANNO-title-comp-3-5-20-1-1-1-.png%22%2C%22og%3Atitle%22%3A%22Producer%20Training%22%2C%22og%3Adescription%22%3A%22How%20We%20Sold%20Over%20%241%2C258%2C367%20Of%20Beats%20Online%20EACH...%20%5CnWith-OUT%20Relying%20On%20Tons%20Of%20Subscribers%20Or%20Followers%5Cn...And%20How%20You%20Can%20Clone%20Our%20System%20With%20A%20Couple%20Mouse%20Clicks%20By%20Following%20These%203%20%27Hidden%27%20Secrets!%20%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-a%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647910160061.1012048332&it=1647910159822&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:20 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=606954326304688&ev=Microdata&dl=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&rl=https%3A%2F%2Flegionproducers.com%2F&if=false&ts=1647910160730&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Producer%20Training%22%2C%22meta%3Adescription%22%3A%22How%20We%20Sold%20Over%20%241%2C258%2C367%20Of%20Beats%20Online%20EACH...%20%5CnWith-OUT%20Relying%20On%20Tons%20Of%20Subscribers%20Or%20Followers%5Cn...And%20How%20You%20Can%20Clone%20Our%20System%20With%20A%20Couple%20Mouse%20Clicks%20By%20Following%20These%203%20%27Hidden%27%20Secrets!%20%22%2C%22meta%3Akeywords%22%3A%22how%20to%20sell%20beats%20online%2C%20producer%20training%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fget.producersecrets.com%2Fhosted%2Fimages%2F1e%2Fa95b0e4b7744e581beb426be27e632%2FGABE-ANNO-title-comp-3-5-20-1-1-1-.png%22%2C%22og%3Atitle%22%3A%22Producer%20Training%22%2C%22og%3Adescription%22%3A%22How%20We%20Sold%20Over%20%241%2C258%2C367%20Of%20Beats%20Online%20EACH...%20%5CnWith-OUT%20Relying%20On%20Tons%20Of%20Subscribers%20Or%20Followers%5Cn...And%20How%20You%20Can%20Clone%20Our%20System%20With%20A%20Couple%20Mouse%20Clicks%20By%20Following%20These%203%20%27Hidden%27%20Secrets!%20%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-a%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647910160061.1012048332&it=1647910159822&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:20 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509219373101997&ev=Microdata&dl=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&rl=https%3A%2F%2Flegionproducers.com%2F&if=false&ts=1647910160754&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Producer%20Training%22%2C%22meta%3Adescription%22%3A%22How%20We%20Sold%20Over%20%241%2C258%2C367%20Of%20Beats%20Online%20EACH...%20%5CnWith-OUT%20Relying%20On%20Tons%20Of%20Subscribers%20Or%20Followers%5Cn...And%20How%20You%20Can%20Clone%20Our%20System%20With%20A%20Couple%20Mouse%20Clicks%20By%20Following%20These%203%20%27Hidden%27%20Secrets!%20%22%2C%22meta%3Akeywords%22%3A%22how%20to%20sell%20beats%20online%2C%20producer%20training%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fget.producersecrets.com%2Fhosted%2Fimages%2F1e%2Fa95b0e4b7744e581beb426be27e632%2FGABE-ANNO-title-comp-3-5-20-1-1-1-.png%22%2C%22og%3Atitle%22%3A%22Producer%20Training%22%2C%22og%3Adescription%22%3A%22How%20We%20Sold%20Over%20%241%2C258%2C367%20Of%20Beats%20Online%20EACH...%20%5CnWith-OUT%20Relying%20On%20Tons%20Of%20Subscribers%20Or%20Followers%5Cn...And%20How%20You%20Can%20Clone%20Our%20System%20With%20A%20Couple%20Mouse%20Clicks%20By%20Following%20These%203%20%27Hidden%27%20Secrets!%20%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-a%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647910160061.1012048332&it=1647910159822&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: get.producersecrets.com
URL: https://get.producersecrets.com/pfs-instant-web-reg-b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.producersecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:49:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 22 Mar 2022 00:49:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=31bb9084-dcda-435e-e8ac-937767e91ea3&url=https%3A%2F%2Fconnect.midimoney.com%2Fwelcome&cache=1647910155798

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/events/1/NRJS-fc902efb332119fff33?a=367981416&v=1215.1253ab8&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2942&ck=1&ref=https://connect.midimoney.com/welcome

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/jserrors/1/NRJS-fc902efb332119fff33?a=367981416&v=1215.1253ab8&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2943&ck=1&ref=https://connect.midimoney.com/welcome

Domain: connect.midimoney.com
URL: https://connect.midimoney.com/cdn-cgi/rum?

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=8e7c5a85-99a1-4eff-36c0-7ba5c436e348&url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&cache=1647910158352

Domain: track-v2.funnelytics.io
URL: https://track-v2.funnelytics.io/steps

Domain: legionproducers.com
URL: https://legionproducers.com/cdn-cgi/rum?

Domain: legionproducers.com
URL: https://legionproducers.com/cdn-cgi/rum?

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=8f1e3c6e-cca4-40ba-5e23-69be6ed29f58&url=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&cache=1647910159818

Domain: prism.app-us1.com
URL: https://prism.app-us1.com/?a=224028943&u=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&r=https%3A%2F%2Flegionproducers.com%2F

Verdicts & Comments Add Verdict or Comment

328 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

93 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 01:46:36	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.connect.midimoney.com/	1970-01-20 01:45:11	Name: __cf_bm Value: FNwykG_TgdwH5LUTKXdLBLxNHsBLclBv3zdLaexNF24-1647910155-0-Aa5oi2zXKfBnfaTbSHwrvaATiG76LK/Zr6ULsf+puJikoKmE10fyp4EPqwvu7XSZLPcO0/08cdacHPRCBKR+fiXLkVnUGUHSQmpUPvyX69Xg
.clickfunnels.com/	1970-01-20 01:45:11	Name: __cf_bm Value: FWS4Hpc.HWRx1fPaIHOxZO_M2jxQ2eUXDIygs3g.qaE-1647910155-0-AeHoO+DxMtg+DCJ00Zeq2OOl8tT0OkgphJJVvurT/UJPLSDd+jyWmjWKiooySqCdldkbz65TqlrUB60F6h+3f8YTlmCeQGaxnvliqU5+2+nG
connect.midimoney.com/	1970-01-20 10:30:46	Name: addevent_track_cookie Value: 31bb9084-dcda-435e-e8ac-937767e91ea3
connect.midimoney.com/	1970-01-20 10:30:46	Name: cf:aff_sub2 Value:
connect.midimoney.com/	1970-01-20 10:30:46	Name: cf:aff_sub3 Value:
connect.midimoney.com/	1970-01-20 10:30:46	Name: cf:aff_sub Value:
connect.midimoney.com/	1970-01-20 10:30:46	Name: cf:affiliate_id Value:
connect.midimoney.com/	1970-01-20 10:30:46	Name: cf:cf_affiliate_id Value:
connect.midimoney.com/	1970-01-20 10:30:46	Name: cf:content Value:
connect.midimoney.com/	1970-01-20 10:30:46	Name: cf:medium Value:
connect.midimoney.com/	1970-01-20 10:30:46	Name: cf:name Value:
connect.midimoney.com/	1970-01-20 10:30:46	Name: cf:source Value:
connect.midimoney.com/	1970-01-20 10:30:46	Name: cf:term Value:
connect.midimoney.com/	1970-01-20 10:30:46	Name: cf:MjE2NjI2NDI Value: :visited=true
connect.midimoney.com/	1970-01-20 10:30:46	Name: cf:visitor_id Value: 0ac48f6d-ca13-4401-ae2f-c9940dc1bf19
.midimoney.com/	1970-01-20 03:54:46	Name: _fbp Value: fb.1.1647910155870.1428297430
connect.midimoney.com/	1969-12-31 23:59:59	Name: is_eu Value: true
connect.midimoney.com/	1970-01-20 10:30:46	Name: 79l3mka6x3pi7yms Value: true
connect.midimoney.com/	1970-01-20 10:30:46	Name: 5743889_viewed_1 Value: 5
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9c9cbcb2763ccf90
.legionproducers.com/	1970-01-20 01:45:11	Name: __cf_bm Value: GoRjeFSmN2HcsEe0itgsvN6kwGYJhesT2NylEmEs4Jk-1647910157-0-AVSKpgNqG93JOiZpMuYtYPtymRYyyUn9jjLS+tfyVWb3ZzNO4J9tURGCjmohYxcx440j0+3eFC2cj9bLiVWgApuYhkZcFMUJA+u7GAxUABkV
legionproducers.com/	1970-02-25 13:45:10	Name: LD_T Value: 7ed9bc16-4f5e-4bf7-fc42-57de4f75e8f1
legionproducers.com/	1970-01-20 01:45:10	Name: LD_S Value: 1647910157627
legionproducers.com/	1970-02-25 13:45:10	Name: LD_U Value: https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a
legionproducers.com/	1970-02-25 13:45:10	Name: LD_R Value:
.legionproducers.com/	1970-01-20 03:54:46	Name: _gcl_au Value: 1.1.118899156.1647910158
legionproducers.com/	1970-01-20 10:30:46	Name: addevent_track_cookie Value: 8e7c5a85-99a1-4eff-36c0-7ba5c436e348
legionproducers.com/	1970-01-20 10:30:46	Name: cf:aff_sub2 Value:
legionproducers.com/	1970-01-20 10:30:46	Name: cf:aff_sub3 Value:
legionproducers.com/	1970-01-20 10:30:46	Name: cf:aff_sub Value:
legionproducers.com/	1970-01-20 10:30:46	Name: cf:affiliate_id Value:
legionproducers.com/	1970-01-20 10:30:46	Name: cf:cf_affiliate_id Value:
legionproducers.com/	1970-01-20 10:30:46	Name: cf:content Value:
legionproducers.com/	1970-01-20 10:30:46	Name: cf:medium Value:
legionproducers.com/	1970-01-20 10:30:46	Name: cf:name Value:
legionproducers.com/	1970-01-20 10:30:46	Name: cf:source Value:
legionproducers.com/	1970-01-20 10:30:46	Name: cf:term Value:
legionproducers.com/	1970-01-20 10:30:46	Name: cf:MzcwNTExNzg Value: :visited=true
legionproducers.com/	1970-01-20 10:30:46	Name: cf:visitor_id Value: 0b12a791-11b3-45b2-8315-a1d8d9c105b8
.legionproducers.com/	1970-01-20 19:16:22	Name: _ga Value: GA1.2.981486969.1647910158
.legionproducers.com/	1970-01-20 01:46:36	Name: _gid Value: GA1.2.537655568.1647910158
.legionproducers.com/	1970-01-20 01:45:10	Name: _gat_gtag_UA_161465558_2 Value: 1
midimoney.com/	1970-01-20 02:28:22	Name: prli_click_1 Value: training
midimoney.com/	1970-01-20 10:30:46	Name: prli_visitor Value: 62391d0e82c86
.legionproducers.com/	1970-01-20 11:14:56	Name: _scid Value: e5a14716-7b7c-4bb0-a9c5-6e074686a6dd
.legionproducers.com/	1970-01-20 01:45:10	Name: _gat_UA-161465558-2 Value: 1
.legionproducers.com/	1970-01-20 03:54:46	Name: _fbp Value: fb.1.1647910158695.741507405
.snapchat.com/	1970-01-20 11:06:46	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIRgSRcxTnFRxve8gKDkqsmGJvD0kDxDzroOj3abdOi1Sor8YHfZifDDIAAAA=
.legionproducers.com/	1970-01-20 10:30:46	Name: _hjSessionUser_1414462 Value: eyJpZCI6ImViM2RmYTAzLWM1NjEtNTI0YS05YjkyLWNkYjgzOTQ4MTQ4NCIsImNyZWF0ZWQiOjE2NDc5MTAxNTg3MTUsImV4aXN0aW5nIjpmYWxzZX0=
.legionproducers.com/	1970-01-20 01:45:11	Name: _hjFirstSeen Value: 1
legionproducers.com/	1970-01-20 01:45:10	Name: _hjIncludedInSessionSample Value: 1
.legionproducers.com/	1970-01-20 01:45:11	Name: _hjSession_1414462 Value: eyJpZCI6ImMwNDU5MzRkLTI3NTQtNDU5OS05ZWMxLWM0ZjYwZGY3MzAyMSIsImNyZWF0ZWQiOjE2NDc5MTAxNTg3NDksImluU2FtcGxlIjp0cnVlfQ==
legionproducers.com/	1970-01-20 01:45:10	Name: _hjIncludedInPageviewSample Value: 1
.legionproducers.com/	1970-01-20 01:45:11	Name: _hjAbsoluteSessionInProgress Value: 0
.doubleclick.net/	1970-01-20 01:45:11	Name: test_cookie Value: CheckForPermission
prism.app-us1.com/	1970-01-20 02:28:22	Name: prism_224028943 Value: 418570cb-bd21-4aad-8870-789333a4d5f2
.legionproducers.com/	1970-01-20 02:28:22	Name: prism_224028943 Value: 418570cb-bd21-4aad-8870-789333a4d5f2
.producersecrets.com/	1969-12-31 23:59:59	Name: _etison_sessions_dcs_v2 Value: ca16811368fa06fbe0a65cf593000faf
.get.producersecrets.com/	1970-01-20 01:45:11	Name: __cf_bm Value: Rvi42CogPbMpSqgaEUO3sUjOUMckQhpnabvkeOp1kEY-1647910159-0-AZN6ATnAKgp9z95y1Ve0qacMb0/TmCJaXTQOsZRWF5GMxxcqidlYMw41KkZ9McJUVLNg3NQyagdP2tqd1SwtSHes29OQP9Usl5RGVZ2ewTdJ
.legionproducers.com/	1970-01-25 20:05:16	Name: _fs Value: 71964989-807d-4c86-9f45-c20ccf2beca4
get.producersecrets.com/	1970-02-25 13:45:10	Name: LD_T Value: ff24fe1d-ddd1-4051-e8e4-ce1985293a9b
get.producersecrets.com/	1970-01-20 01:45:10	Name: LD_S Value: 1647910159468
get.producersecrets.com/	1970-02-25 13:45:10	Name: LD_U Value: https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b
get.producersecrets.com/	1970-02-25 13:45:10	Name: LD_R Value: https%3A%2F%2Flegionproducers.com%2F
app.marketermagic.com/	1970-01-20 01:55:14	Name: AWSALBCORS Value: rNtfEgzGyW1eq+B4TZL9YKSMdTkAPmAIr0pponIDQ2QfOD2waOmglBk7FF248TbusG+29GnLcRfE4X5u2at2JIsdOmOTD+lB7RaDBX8K4xb/1x7x50wHHCbjObHy
get.producersecrets.com/	1970-01-20 10:30:46	Name: addevent_track_cookie Value: 8f1e3c6e-cca4-40ba-5e23-69be6ed29f58
get.producersecrets.com/	1970-01-20 10:30:46	Name: cf:aff_sub2 Value:
get.producersecrets.com/	1970-01-20 10:30:46	Name: cf:aff_sub3 Value:
get.producersecrets.com/	1970-01-20 10:30:46	Name: cf:aff_sub Value:
get.producersecrets.com/	1970-01-20 10:30:46	Name: cf:affiliate_id Value:
get.producersecrets.com/	1970-01-20 10:30:46	Name: cf:cf_affiliate_id Value:
get.producersecrets.com/	1970-01-20 10:30:46	Name: cf:content Value:
get.producersecrets.com/	1970-01-20 10:30:46	Name: cf:medium Value:
get.producersecrets.com/	1970-01-20 10:30:46	Name: cf:name Value:
get.producersecrets.com/	1970-01-20 10:30:46	Name: cf:source Value:
get.producersecrets.com/	1970-01-20 10:30:46	Name: cf:term Value:
get.producersecrets.com/	1970-01-20 10:30:46	Name: cf:NDYwNzExMzM Value: :visited=true
get.producersecrets.com/	1970-01-20 10:30:46	Name: cf:visitor_id Value: 47f7edf7-aed1-47b7-9114-dcfb0f6eb090
.producersecrets.com/	1970-01-20 03:54:46	Name: _gcl_au Value: 1.1.829532503.1647910160
.producersecrets.com/	1970-01-20 03:54:46	Name: _fbp Value: fb.1.1647910160061.1012048332
.paypal.com/	1970-01-21 04:03:24	Name: ts Value: vreXpYrS%3D1742604560%26vteXpYrS%3D1647911960%26vr%3Daf19868817f0a8a339c20a10ffffffff%26vt%3Daf19868817f0a8a339c20a10fffffffe
.paypal.com/	1970-01-21 04:03:24	Name: ts_c Value: vr%3Daf19868817f0a8a339c20a10ffffffff%26vt%3Daf19868817f0a8a339c20a10fffffffe
.producersecrets.com/	1970-01-20 19:16:22	Name: _ga Value: GA1.2.2132367441.1647910160
.producersecrets.com/	1970-01-20 01:46:36	Name: _gid Value: GA1.2.1020674422.1647910160
.producersecrets.com/	1970-01-20 01:45:10	Name: _gat_gtag_UA_161465558_3 Value: 1
.producersecrets.com/	1970-01-20 01:45:10	Name: _gat_UA-161465558-2 Value: 1
.producersecrets.com/	1970-01-25 20:05:16	Name: _fs Value: b241eb06-088c-4eac-9111-150e34bbb489
.producersecrets.com/	1970-01-20 10:30:46	Name: _hjSessionUser_2015064 Value: eyJpZCI6ImQ2Y2ViZDBkLTY2NzYtNWIyYy04YzZiLTJmNzYwMjUxNDNmZiIsImNyZWF0ZWQiOjE2NDc5MTAxNjAwNDYsImV4aXN0aW5nIjpmYWxzZX0=
.producersecrets.com/	1970-01-20 01:45:11	Name: _hjFirstSeen Value: 1
get.producersecrets.com/	1970-01-20 01:45:10	Name: _hjIncludedInPageviewSample Value: 1
.producersecrets.com/	1970-01-20 01:45:11	Name: _hjSession_2015064 Value: eyJpZCI6IjQ3YTJiZDY1LWYxNzMtNDEwYy04MTgxLTNiYTFlODY2ODQwMCIsImNyZWF0ZWQiOjE2NDc5MTAxNjAyMTYsImluU2FtcGxlIjp0cnVlfQ==
.producersecrets.com/	1970-01-20 01:45:11	Name: _hjAbsoluteSessionInProgress Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=31bb9084-dcda-435e-e8ac-937767e91ea3&url=https%3A%2F%2Fconnect.midimoney.com%2Fwelcome&cache=1647910155798 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=8e7c5a85-99a1-4eff-36c0-7ba5c436e348&url=https%3A%2F%2Flegionproducers.com%2Fpfs-live-registration-a&cache=1647910158352 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=8f1e3c6e-cca4-40ba-5e23-69be6ed29f58&url=https%3A%2F%2Fget.producersecrets.com%2Fpfs-instant-web-reg-b&cache=1647910159818 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.deadlinefunnel.com
ajax.googleapis.com
analytics.tiktok.com
app.clickfunnels.com
app.marketermagic.com
assets.clickfunnels.com
bam-cell.nr-data.net
c.deadlinefunnel.com
cdn.funnelytics.io
cdn.taboola.com
collector.leaddyno.com
connect.facebook.net
connect.midimoney.com
deadlinefunnel.com
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
get.producersecrets.com
googleads.g.doubleclick.net
in.hotjar.com
js-agent.newrelic.com
legionproducers.com
manychat.com
mccdn.me
midimoney.com
prism.app-us1.com
sc-static.net
script.hotjar.com
static.cloudflareinsights.com
static.hotjar.com
static.leaddyno.com
stats.g.doubleclick.net
t.paypal.com
tr.snapchat.com
track-v2.funnelytics.io
track.addevent.com
trackcmp.net
trc.taboola.com
use.fontawesome.com
vars.hotjar.com
widget.manychat.com
widget.wickedreports.com
www.clickfunnels.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
bam-cell.nr-data.net
connect.midimoney.com
legionproducers.com
prism.app-us1.com
track-v2.funnelytics.io
track.addevent.com
142.250.185.226
143.204.93.244
143.204.98.124
143.204.98.32
143.204.98.33
143.204.98.57
143.204.98.81
143.204.98.82
151.101.129.44
151.101.130.137
151.101.193.21
151.139.128.11
162.247.243.147
167.172.49.141
18.185.191.84
192.229.221.25
2.16.186.234
2606:4700:20::ac43:486c
2606:4700:440e::ac40:9c1a
2606:4700::6810:10c2
2606:4700::6810:cc2
2606:4700::6810:dc2
2606:4700::6810:ec2
2606:4700::6811:925b
2606:4700::6812:c
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:82b::200a
2a00:1450:400c:c08::9c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3121::7
34.205.136.113
35.183.138.154
35.186.226.184
52.32.96.222
54.161.245.173
99.80.58.148
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
081da152c2232061fff306c1cb7232595fef81566b2468747289633d882a4a6a
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13bf4ec2c8a7bd0c997916034f90caff820018a002a6d93006a07105e82684e5
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
1b8f3d676f1df1ca5867197fb16660fe565e70b9c6cd4176985a522df98e6d14
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
227cc479688476d1b155feafd1927ef3084614600c708f622e18b72cda991050
259c4207a413e9b1ed73ba62a775ee5134d1bb1b086379ab98f82f8814f6beaf
279de3ccc487eb1584850a804dd089c08627b2aca28bf276abe15558c3186c52
3276f26fb2af15e583a1848504c04162fecfc15a83e6ea5284e4b715202a8fdf
361bd7ced0b116cf064d9730eafc0a76cf46ad866cc49cef0c36a548e156e4b9
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
4bbb558bcc73c6ec7de1a3bfee854935d2acb54b5055f49347a47fff164c2ce2
50f4cbcff097940d5811418399dbf652b908a60a428db151bfd0c6391f529821
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d
5f9e9492a4ed26f958663921d94477c152942502c3c565dde3ae377fe9759a2f
6648f926e5fd7ee02dca5b9b42b67bdc62d35d0c594b1216f038724a538d367e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
727201e0fb2ef8f6e1022b0ec13ac0fa55f74c8ca069d8095c8deb1a28f6c4d1
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
7c87ac1b357ff49f0f5b5ffe768381a7ee1fffbd30768e420dd10b358b890926
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
83540b53b0e50bf5d3265ff68f2c23018e23e3eaedee9c19227773dd7897abec
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8723864726dc82363e805267f24d781bb2249588d71db59876ea1c25c4aa1604
8a57e892b0bb03090c698f63b5c1031851e0d67e562f6dc9332a850b73231256
8cbff89471680b231165c2c015da0ca694aae611fdeb4fc2bfd95b10c749809c
8d0fb3904baffb378e78446e30f1d3e50f1210d82fa713e9d21a127132ac3ed5
8e95829c2b156c3231d1e30717de4a83173a015641c26a7ab014fbbb0c43d232
9a746aa6f6461b4d9118d2c04d2af7a7e9af9884771226f515e9c477bd1d0770
9c3e8175c560c9a30ab1733cad3a19a3cea0b5126fed47e1923541e5957b1502
9ce85a3aef24dceaea003217706b4485c558b463e2677ddb1a49253b6ce6da73
9d6fac745bf41271e834bc69dda83d9c8b8f50f112545d03c1bb33418082061b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4b749626aab6395c52aed1a8016aa5f6c4c8ca60cf771c0d8ce54202a53e725
acb5ace4af5402946726d0f1748740c11798d4eb91632413de3b72e7d5ae49d9
b4ab3acf6c046035b43a0909a10f0268dcbffd21e274d6e557a869301173a2a4
b57f964dfec15bc7e94db5c8930e02d2f4031c284a8e852b23b81a29450dbd14
b6423062322d120d3a6bba602f3d394a3007484b3792fd5502494fa0a3c85c1a
bda277a4ba0af74a71829d0503828c4f976d0c56187bf9dfb4f7c017d99179d2
c60d4700be1e492c566e1605992f0b41adf82c73a9df71ece16ca8f0ea946dc9
c69e37446164811e4a95813075c091dc7c916c75779120e3c62fd501b226a40e
c80ca5e629c36e6624177204f362eb5cae65a6dcd10fea337857d8da9bd42701
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cb2c2aa2450f0fdc7251c8ed1cbda83c479d75c4748227b4b575a6f298b9ab68
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cd8c602fdfb0b1374a9604704cce583099d43f6f3b150643ab3f7c4b4a516b7b
d0e6d137466ec7e752df8a3668e0e3a407c603957d940b6451a63853d9d7129f
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d6110aa2721ad0c6a7321227f9f57a3456fe8121eae40207f85df7e3944914ba
da9422432aef50808228f7f81e8102425401fc0b642cd460bc0070a622584bae
ddad0c6bec8685037d48a31a2b4d42efcddfeb926c3f48dc00d5c6421b29e14a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc13fb5bae3a040b9585c63965f093506df22c21cfb247b20bd5d54e52a9ec2
f20423184e3b454c755a5db583793eb4fb21bbee7f76b38ac17c485a92844356
f3749f19be5eeaa35ff85212bc9fe3a811e52d1c855d21afcad28152ca73d60f
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fc1ad839306357e24afe0a9e6fadbf0f60f724fde80b1878c33d38caead92210
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fdd0370e28b63f5f5a784f9273bd6d5a57e8bd08af9ac071dca9b00d40583d8f
fe5863f92617d0561ff5f0ec9ffcff7e1ebc9e1d064f07f8d1b0a84a82c4f387

get.producersecrets.com Open in urlscan Pro 2606:4700::6810:ec2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

204 Requests

94 %HTTPS

47 %IPv6

35 Domains

51 Subdomains

43 IPs

6 Countries

6242 kBTransfer

17588 kBSize

93 Cookies

2 Outgoing links

Page URL History

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

get.producersecrets.com Open in urlscan Pro
2606:4700::6810:ec2 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

94 %
HTTPS

47 %
IPv6

35
Domains

51
Subdomains

43
IPs

6
Countries

6242 kB
Transfer

17588 kB
Size

93
Cookies

204 HTTP transactions
0 data transactions