Submitted URL: https://link.team.pocketprep.com/uni/ls/click?upn=0VUHJdhkPF5r-2BngSB7yrtg1re6XUHpeXv-2BV9K-2FGMJ4V8OQbFClZOfPYpHp3C1KRfMJN0y8AfV...
Effective URL: https://study.pocketprep.com/settings
Submission: On June 14 via manual from US

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 27 HTTP transactions. The main IP is 54.161.241.46, located in United States and belongs to AMAZON-AES, US. The main domain is study.pocketprep.com.
TLS certificate: Issued by R3 on May 21st 2021. Valid for: 3 months.
This is the only time study.pocketprep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:215... 16509 (AMAZON-02)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
4 54.161.241.46 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
5 151.101.112.176 54113 (FASTLY)
1 13.32.2.85 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 35.188.42.15 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 99.86.241.19 16509 (AMAZON-02)
5 13.32.2.40 16509 (AMAZON-02)
1 52.40.208.215 16509 (AMAZON-02)
1 75.2.88.188 16509 (AMAZON-02)
27 12
Domain Requested by
5 js.intercomcdn.com widget.intercom.io
js.intercomcdn.com
4 study.pocketprep.com study.pocketprep.com
3 sentry.io study.pocketprep.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
study.pocketprep.com
3 js.stripe.com study.pocketprep.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.googletagmanager.com study.pocketprep.com
1 api-iam.intercom.io js.intercomcdn.com
1 m.stripe.com m.stripe.network
1 widget.intercom.io 1 redirects
1 browser-update.org study.pocketprep.com
1 script.tapfiliate.com study.pocketprep.com
1 fonts.googleapis.com study.pocketprep.com
1 pocketprep.com 1 redirects
1 link.team.pocketprep.com 1 redirects
27 15

This site contains no links.

Subject Issuer Validity Valid
study.pocketprep.com
R3
2021-05-21 -
2021-08-19
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-17 -
2021-08-09
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2021-04-14 -
2021-08-04
4 months crt.sh
tapfiliate.com
Amazon
2020-11-20 -
2021-12-21
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
sentry.io
DigiCert SHA2 Secure Server CA
2020-06-02 -
2022-06-07
2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-02 -
2021-08-02
a year crt.sh
*.intercomcdn.com
Amazon
2021-03-01 -
2022-03-30
a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-16 -
2021-08-04
4 months crt.sh
*.intercom.com
Amazon
2021-04-15 -
2022-05-14
a year crt.sh

This page contains 4 frames:

Primary Page: https://study.pocketprep.com/settings
Frame ID: 98EE7B8B2CDA658665B124C1C0FA3599
Requests: 17 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html
Frame ID: B3184C7C67826B316944337F42F8D2F9
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9678F528F5A468B3CDDA4F11D3166076
Requests: 3 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.fa636a68.js
Frame ID: 24FE5303D83C55F9205BAC6ADF914FD0
Requests: 5 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://link.team.pocketprep.com/uni/ls/click?upn=0VUHJdhkPF5r-2BngSB7yrtg1re6XUHpeXv-2BV9K-2FGMJ4V8OQbFClZOf... HTTP 302
    https://pocketprep.com/apps/finance/settings HTTP 301
    https://study.pocketprep.com/settings Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i

Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i

Overall confidence: 100%
Detected patterns
  • script /js\.stripe\.com/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

27
Requests

100 %
HTTPS

47 %
IPv6

11
Domains

15
Subdomains

12
IPs

2
Countries

1510 kB
Transfer

5338 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.team.pocketprep.com/uni/ls/click?upn=0VUHJdhkPF5r-2BngSB7yrtg1re6XUHpeXv-2BV9K-2FGMJ4V8OQbFClZOfPYpHp3C1KRfMJN0y8AfVTcth9a9u7gliw-3D-3DzTrb_gbHrfdlIVMWZbvGeJAipcXQccem2ZqzH2tAZ7kD-2BhbKrVXHJidNqoFVD-2Fw4ji7IfWMNXnLfdqGH3RWQEZGWG0OJYia8PSRCbcv2A0hgf7y52Y9ghJMA2ZoKFeX56XbNlXvL13Cv3IsDDgvomTP9pQt1bYj-2BeTJUfDLrpIoOGlsHCjDk9-2Bed9Ilx6t4phWMxPqt3BTL6G5cELPYVMvN5R66gQ-2FJbQ591iPxKwNnjm8hYZZrHGLUD-2FqUa0DfWXR3S0dD3uQwyRBBtpIWbJ6n2RwgFXhPro-2B0P-2FdXjl-2BSHTxABpJEcFFouUyxDiVusR9URw-2BzGJq-2BLpoAULpITR0cW6dkSWOudJf-2BEoEnSSmDLtV7zVqYweuCnUL2cbQu-2BwXTCuZe880H9Ga1sQzUkzegbAHblz3DLGEIkb01jYpI2QpOMXb8RXJOL0qbuim6QaF0rIz7dk00JZJVt2Eq16PzDcma5QSmRP0FFn4lz0Lxrk7HgrUmfvP5AdGNvEmb1aLoA2biOhDL-2B6aRiHcEvcr996tHdWnllblq-2BSVDo5zzuxQBnBR3-2F9qSKPvJoslJhO8AJe HTTP 302
    https://pocketprep.com/apps/finance/settings HTTP 301
    https://study.pocketprep.com/settings Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://widget.intercom.io/widget/vtm81di8 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request settings
study.pocketprep.com/
Redirect Chain
  • https://link.team.pocketprep.com/uni/ls/click?upn=0VUHJdhkPF5r-2BngSB7yrtg1re6XUHpeXv-2BV9K-2FGMJ4V8OQbFClZOfPYpHp3C1KRfMJN0y8AfVTcth9a9u7gliw-3D-3DzTrb_gbHrfdlIVMWZbvGeJAipcXQccem2ZqzH2tAZ7kD-2Bhb...
  • https://pocketprep.com/apps/finance/settings
  • https://study.pocketprep.com/settings
5 KB
2 KB
Document
General
Full URL
https://study.pocketprep.com/settings
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-241-46.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
a0f38db37d123e173b758857da2b473e666f34df4cf78db14b6409eb1a995979

Request headers

Host
study.pocketprep.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Cowboy
Connection
keep-alive
X-Powered-By
Express
Accept-Ranges
bytes
Cache-Control
public, max-age=0
Last-Modified
Fri, 28 May 2021 17:12:32 GMT
Etag
W/"1236-179b3f69400"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Mon, 14 Jun 2021 14:35:44 GMT
Transfer-Encoding
chunked
Via
1.1 vegur

Redirect headers

date
Mon, 14 Jun 2021 14:35:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Cookie
expires
Mon, 14 Jun 2021 15:35:44 GMT
cache-control
max-age=3600
x-redirect-by
redirection
location
https://study.pocketprep.com/settings
cf-cache-status
DYNAMIC
cf-request-id
0aac8c3abb0000021d21a15000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NyFHPXbLhkqiG1L10k6kx85C5wNYBOc7beJThtXuq4MwIwMNI9ZulgIoUeV9Q5s5bVgRgzH1nMmN0Zuy%2B7X0%2FBhsnMZ8gUAwxLcTnuxre3%2BZufxJuo9WcgsdA7DeP%2B06Dtiw8B%2F4u1Y%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65f449712d8c021d-ZRH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
app.4fc71727.css
study.pocketprep.com/css/
159 KB
21 KB
Stylesheet
General
Full URL
https://study.pocketprep.com/css/app.4fc71727.css
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/settings
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-241-46.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
c396dd721c8f0a0c26522807b8e06f77402599674004b4e70318ebd9958a1e82

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
study.pocketprep.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://study.pocketprep.com/settings
Connection
keep-alive
Referer
https://study.pocketprep.com/settings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 14 Jun 2021 14:35:44 GMT
Content-Encoding
gzip
Etag
W/"27ad2-179b3f69400"
Last-Modified
Fri, 28 May 2021 17:12:32 GMT
Server
Cowboy
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Via
1.1 vegur
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
app.f607ff70.js
study.pocketprep.com/js/
551 KB
104 KB
Script
General
Full URL
https://study.pocketprep.com/js/app.f607ff70.js
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/settings
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-241-46.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
371c816e18d9718d532ba9af2450413fd79fbe92796c6fd097abe8f7bede60df

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://study.pocketprep.com
Accept-Encoding
gzip, deflate, br
Host
study.pocketprep.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://study.pocketprep.com/settings
Connection
keep-alive
Origin
https://study.pocketprep.com
Referer
https://study.pocketprep.com/settings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 14 Jun 2021 14:35:45 GMT
Content-Encoding
gzip
Etag
W/"89ae8-179b3f69400"
Last-Modified
Fri, 28 May 2021 17:12:32 GMT
Server
Cowboy
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Via
1.1 vegur
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
chunk-vendors.d54011fd.js
study.pocketprep.com/js/
3 MB
845 KB
Script
General
Full URL
https://study.pocketprep.com/js/chunk-vendors.d54011fd.js
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/settings
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-241-46.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
b19bfd2c65f89db2d001472a3031fa2237d209cefa3c5e9a8b4e9390bddece9e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://study.pocketprep.com
Accept-Encoding
gzip, deflate, br
Host
study.pocketprep.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://study.pocketprep.com/settings
Connection
keep-alive
Origin
https://study.pocketprep.com
Referer
https://study.pocketprep.com/settings
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 14 Jun 2021 14:35:45 GMT
Content-Encoding
gzip
Etag
W/"2aaa3f-179b3f69400"
Last-Modified
Fri, 28 May 2021 17:12:32 GMT
Server
Cowboy
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Via
1.1 vegur
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
css
fonts.googleapis.com/
6 KB
626 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,400i,600,600i,700,700i
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50401c15c35fe6a9162e0292ef08ad57417fbc36327702ea1b7d0e282c97db2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 14:35:44 GMT
server
ESF
date
Mon, 14 Jun 2021 14:35:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Jun 2021 14:35:44 GMT
/
js.stripe.com/v3/
223 KB
56 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57dd0b954432e4d6950458863a3b255a3898a5784c359578d834f119d6aac60e
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 14:35:44 GMT
content-encoding
br
vary
Accept-Encoding
age
108
via
1.1 varnish
x-cache
HIT
content-length
56599
x-amz-id-2
hYIPC+QsNyx/sspJNmrcd4chwrAVBLKjQ5Tj3RLiX6azbGqJXjnxrDTMt1MPx4xz8Oi79XI+G4k=
x-served-by
cache-hhn4026-HHN
timing-allow-origin
*
last-modified
Fri, 11 Jun 2021 15:36:48 GMT
server
AmazonS3
etag
"b0a4a2e67e46302c4bdd3bca0bb54e2a"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
8VRAAJSPAD57MRKP
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
172
tapfiliate.js
script.tapfiliate.com/
11 KB
4 KB
Script
General
Full URL
https://script.tapfiliate.com/tapfiliate.js
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.2.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-2-85.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75cdd0cd8782116ba8444dabd993758b1b349843584c9631f4f24a4295b98940

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 23:11:41 GMT
content-encoding
gzip
last-modified
Fri, 10 Jul 2020 09:38:20 GMT
server
AmazonS3
age
55445
etag
W/"3a5177f5482ab61da6a0eb7587446403"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4d.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
aP-LFZwGVpbAxBPpGVQeQeqZJvRtuzlm_gOMxUEu_U4QTjn3bX1JgQ==
js
www.googletagmanager.com/gtag/
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-74206600-4
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67acd0d0b78e809fb1151589486fb486fe4aafaca0e6b1627db827750013647d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 14:35:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36077
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Jun 2021 14:35:44 GMT
gtm.js
www.googletagmanager.com/
105 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W6D2M8H
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14ad728d76acbee02ed51cf76777495b184e9e848b2aa800b3aaf10cf7465f46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 14:35:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38705
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Jun 2021 14:35:44 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74206600-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5828
date
Mon, 14 Jun 2021 12:58:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 14 Jun 2021 14:58:37 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1045012786&t=pageview&_s=1&dl=https%3A%2F%2Fstudy.pocketprep.com%2Fsettings&ul=en-us&de=UTF-8&dt=Pocket%20Prep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAAC~&jid=2109684833&gjid=1201523464&cid=1502767130.1623681345&tid=UA-74206600-4&_gid=2128594715.1623681345&_r=1&gtm=2ou690&z=1033542207
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 14:35:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://study.pocketprep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sentry.io/api/2689302/envelope/
2 B
410 B
Fetch
General
Full URL
https://sentry.io/api/2689302/envelope/?sentry_key=6922ae0f080c47ae913175a5faabd587&sentry_version=7
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/js/chunk-vendors.d54011fd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 14 Jun 2021 14:35:48 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://study.pocketprep.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
collect
www.google-analytics.com/j/
1 B
112 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1045012786&t=pageview&_s=2&dl=https%3A%2F%2Fstudy.pocketprep.com%2Fsettings&dp=%2Fsettings&ul=en-us&de=UTF-8&dt=Pocket%20Prep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAUABAAAAAC~&jid=1138145009&gjid=1898358573&cid=1502767130.1623681345&tid=UA-74206600-4&_gid=2128594715.1623681345&_r=1&gtm=2ou690&z=1734293414
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/js/chunk-vendors.d54011fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 14:35:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://study.pocketprep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sentry.io/api/2689302/envelope/
2 B
410 B
Fetch
General
Full URL
https://sentry.io/api/2689302/envelope/?sentry_key=6922ae0f080c47ae913175a5faabd587&sentry_version=7
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/js/chunk-vendors.d54011fd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 14 Jun 2021 14:35:48 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://study.pocketprep.com
access-control-expose-headers
retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
/
sentry.io/api/2689302/envelope/
2 B
410 B
Fetch
General
Full URL
https://sentry.io/api/2689302/envelope/?sentry_key=6922ae0f080c47ae913175a5faabd587&sentry_version=7
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/js/chunk-vendors.d54011fd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 14 Jun 2021 14:35:48 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://study.pocketprep.com
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
m-outer-ff599b5032b79ea1f89ba5416bea26e6.html
js.stripe.com/v3/ Frame B318
215 B
536 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
544e7b0ddaba3404a327d068cfca2f3000e385102c042323909c636cf6bdca0e
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://study.pocketprep.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://study.pocketprep.com/

Response headers

x-amz-id-2
ze5yxht0XBTTs/PsvO6QOG69Bk23FR1sQTZbbH9qHLz0J7qfhrAvbIBXnvq6Dj+wW8iZnuisPPs=
x-amz-request-id
AWCTKJHBFSCNN7V8
last-modified
Tue, 01 Jun 2021 22:25:38 GMT
etag
"ff599b5032b79ea1f89ba5416bea26e6"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Mon, 14 Jun 2021 14:35:47 GMT
via
1.1 varnish
age
295
x-served-by
cache-hhn4026-HHN
x-cache
HIT
x-cache-hits
866
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
130
update.min.js
browser-update.org/
9 KB
4 KB
Script
General
Full URL
https://browser-update.org/update.min.js
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:459c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a0f5c601831f5a644145b3ec16b6514f6915b9c70d962654b2f6219de558227

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 14:35:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 09 May 2021 07:17:46 GMT
server
cloudflare
age
717298
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IRTU30%2FKqJ8KHf6FicDfvP2e3SSf4BLG%2BEBrDk5S3xHADIOiu87rpKpTYD8ktDeTxfTVyrHWsfvMTwCyzPc8Pse9tnuSuwtW6QUkjkoOUSVaAJDcEvIMYBA2I0jHFo0X38HupaY2gsMsgzo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65f44988cb640ea7-FRA
cf-request-id
0aac8c497d00000ea7da956000000001
expires
Mon, 07 Jun 2021 07:20:49 GMT
m-outer-b8cbec1166aab48d1e5a12e8ab272ac1.js
js.stripe.com/v3/fingerprinted/js/ Frame B318
1 KB
843 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-b8cbec1166aab48d1e5a12e8ab272ac1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 14:35:48 GMT
content-encoding
br
vary
Accept-Encoding
age
145
via
1.1 varnish
x-cache
HIT
content-length
637
x-amz-id-2
7a+5crxn5dEqb9yCv+ULS8dfY4HbOCxCj4TrourABXca37xiWRqQ9tjH1ox41l6lRZiegPzyHV8=
x-served-by
cache-hhn4026-HHN
timing-allow-origin
*
last-modified
Tue, 01 Jun 2021 22:25:35 GMT
server
AmazonS3
etag
"78581b5abad6c4e7b59c0f8ee45a8134"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
J93YCFA0N7H6E5N7
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
456
inner.html
m.stripe.network/ Frame 9678
932 B
987 B
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-b8cbec1166aab48d1e5a12e8ab272ac1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.stripe.com/

Response headers

server
nginx
content-type
text/html; charset=utf-8
last-modified
Thu, 20 May 2021 17:57:41 GMT
etag
W/"60a6a315-3a4"
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
public, max-age=300
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Mon, 14 Jun 2021 14:35:48 GMT
age
119
x-served-by
cache-sea4465-SEA, cache-hhn4026-HHN
x-cache
HIT, HIT
x-cache-hits
2, 456
x-timer
S1623681348.036253,VS0,VE0
vary
Accept-Encoding
content-length
537
out-4.5.35.js
m.stripe.network/ Frame 9678
85 KB
18 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.35.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"60a6a315-153a9"
age
108
x-cache
HIT, HIT
content-length
18319
x-served-by
cache-sea4446-SEA, cache-hhn4026-HHN
last-modified
Thu, 20 May 2021 17:57:41 GMT
server
nginx
x-timer
S1623681348.062522,VS0,VE0
date
Mon, 14 Jun 2021 14:35:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 399
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/vtm81di8
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB
Script
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.2.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-2-40.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
036d73633011531bb48ac2b5a7e0bb78b0c08b04a77ed93a7a6a7dd8df5afbf7

Request headers

Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 14 Jun 2021 14:31:23 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 10:16:18 GMT
server
AmazonS3
age
266
etag
"3c59b92a1fe6356ce6025bec8be3c0ca"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 3d4555926457517be3e728d2175d92a3.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
content-length
5924
x-amz-cf-id
zbtWmLxCCSwM-89BMlI4rv9Xhzbcp3UCLto4Rhpnlqu-NdmYg_WExQ==

Redirect headers

date
Thu, 29 Apr 2021 13:39:15 GMT
via
1.1 93f2a781416975f99355acc4c81d60d2.cloudfront.net (CloudFront)
server
AmazonS3
age
3977794
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
VIE50-C1
content-length
0
x-amz-cf-id
mq3xAcX6sYmmk-IDM65Os5V4wJ7pJtpFuz0Q0GtKlw8XTMhkRTLB7g==
6
m.stripe.com/ Frame 9678
156 B
518 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.35.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.208.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-208-215.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3fab7d67d8b5d3846e3de02f8afd4722f749aa1337e7bfe1c0765e4c7577f2a3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 14 Jun 2021 14:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
frame-modern.fa636a68.js
js.intercomcdn.com/ Frame 24FE
249 KB
67 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.fa636a68.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/vtm81di8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.2.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-2-40.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a9e04b4ce7884f9418b7c1638fecf5cc90bc0fd39c465eeff69c59b1d6f80ad

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 14 Jun 2021 13:39:50 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 10:09:10 GMT
server
AmazonS3
age
3359
etag
"e6d129627ad23227b55b9c348257e73f"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 3d4555926457517be3e728d2175d92a3.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
content-length
68380
x-amz-cf-id
6sQ_mwrWzS8kJ7wl5nCQDxfd01ev6kCJatJTy_uLFyaFYsrmYriNLQ==
vendor-modern.e2013c7e.js
js.intercomcdn.com/ Frame 24FE
124 KB
38 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.e2013c7e.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/vtm81di8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.2.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-2-40.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0be010567f3e29340348657834743efb5ef0d2a6467b8eadecdbd55a6c8e479c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 14 Jun 2021 12:36:27 GMT
content-encoding
gzip
last-modified
Tue, 18 May 2021 10:13:24 GMT
server
AmazonS3
age
7162
etag
"1ef6c442c2b1371cba83d3191f36dcb9"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 3d4555926457517be3e728d2175d92a3.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
content-length
38340
x-amz-cf-id
wBax6BqHrPthnyjzX0FLyOdrbFMdxdIrK6tTf1Fj_Mf5J-AyU9qTng==
ping
api-iam.intercom.io/messenger/web/ Frame 24FE
5 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.fa636a68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
a3ad37dda825cc5981ef7948bdb8feb236bbc0926260ce8fd53cf4c824c2fe3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 14 Jun 2021 14:35:49 GMT
content-encoding
gzip
x-ami-version
ami-0c4976b2f5f1700d2
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0005mbiau21buio7sc3g
x-runtime
0.378529
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"a3ad37dda825cc5981ef7948bdb8feb2"
x-ratelimit-remaining
13330
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://study.pocketprep.com
x-intercom-version
cf8f79cc4445ab95b645792084de23c0a6b03f69
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1623681350
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
vendors~app-modern.05ffab01.js
js.intercomcdn.com/ Frame 24FE
323 KB
97 KB
Script
General
Full URL
https://js.intercomcdn.com/vendors~app-modern.05ffab01.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.fa636a68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.2.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-2-40.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
141b42638c7fa1e8ddb481bec80220cc1e1ad3bae6b2d73e4a2deaa8006b5387

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 14 Jun 2021 12:51:17 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:43:42 GMT
server
AmazonS3
age
6278
etag
"ec728500a396d004d3910e2a25c1a187"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 3d4555926457517be3e728d2175d92a3.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
content-length
98674
x-amz-cf-id
P096Cfj7ho-aywP1nFb-GtzToclNRn3mbByBUQ9PKk-9LtcNDx35MA==
app-modern.b83f76e1.js
js.intercomcdn.com/ Frame 24FE
597 KB
147 KB
Script
General
Full URL
https://js.intercomcdn.com/app-modern.b83f76e1.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.fa636a68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.2.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-2-40.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e81a266983ee736d2a79db77685ad57c695f71e5697671b7bc0831f73ced0ab

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 14 Jun 2021 14:16:26 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 10:09:10 GMT
server
AmazonS3
age
1170
etag
"8354a499fdb66b8d2d854fb29684e59a"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 3d4555926457517be3e728d2175d92a3.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
content-length
149909
x-amz-cf-id
1_YIUe3dc6dw5_OSdHnPM8hpBO3I-Jl1UK0PyUqDyMDKQG5r9TCuXw==

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __webpackStripeJSv3Jsonp function| Stripe string| TapfiliateObject function| tap function| gtag object| dataLayer object| intercomSettings function| Intercom object| $buoop function| $buo_f object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| urlParams object| webpackJsonp object| regeneratorRuntime object| __SENTRY__ object| FontAwesomeConfig object| ___FONT_AWESOME___ function| Color function| Chart object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres function| __intercomAssignLocation

1 Cookies

Domain/Path Name / Value
.pocketprep.com/ Name: _gat_gtag_UA_74206600_4
Value: 1

1 Console Messages

Source Level URL
Text
console-api error URL: https://study.pocketprep.com/js/chunk-vendors.d54011fd.js(Line 142)
Message:
TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
browser-update.org
fonts.googleapis.com
js.intercomcdn.com
js.stripe.com
link.team.pocketprep.com
m.stripe.com
m.stripe.network
pocketprep.com
script.tapfiliate.com
sentry.io
study.pocketprep.com
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
13.32.2.40
13.32.2.85
151.101.112.176
2600:9000:2156:ec00:4:a185:a240:93a1
2606:4700:20::ac43:459c
2606:4700:3031::ac43:879d
2a00:1450:4001:803::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:829::200e
35.188.42.15
52.40.208.215
54.161.241.46
75.2.88.188
99.86.241.19
036d73633011531bb48ac2b5a7e0bb78b0c08b04a77ed93a7a6a7dd8df5afbf7
0be010567f3e29340348657834743efb5ef0d2a6467b8eadecdbd55a6c8e479c
141b42638c7fa1e8ddb481bec80220cc1e1ad3bae6b2d73e4a2deaa8006b5387
14ad728d76acbee02ed51cf76777495b184e9e848b2aa800b3aaf10cf7465f46
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
371c816e18d9718d532ba9af2450413fd79fbe92796c6fd097abe8f7bede60df
3e81a266983ee736d2a79db77685ad57c695f71e5697671b7bc0831f73ced0ab
3fab7d67d8b5d3846e3de02f8afd4722f749aa1337e7bfe1c0765e4c7577f2a3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a9e04b4ce7884f9418b7c1638fecf5cc90bc0fd39c465eeff69c59b1d6f80ad
50401c15c35fe6a9162e0292ef08ad57417fbc36327702ea1b7d0e282c97db2c
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
544e7b0ddaba3404a327d068cfca2f3000e385102c042323909c636cf6bdca0e
57dd0b954432e4d6950458863a3b255a3898a5784c359578d834f119d6aac60e
67acd0d0b78e809fb1151589486fb486fe4aafaca0e6b1627db827750013647d
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75cdd0cd8782116ba8444dabd993758b1b349843584c9631f4f24a4295b98940
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
8a0f5c601831f5a644145b3ec16b6514f6915b9c70d962654b2f6219de558227
a0f38db37d123e173b758857da2b473e666f34df4cf78db14b6409eb1a995979
a3ad37dda825cc5981ef7948bdb8feb236bbc0926260ce8fd53cf4c824c2fe3d
b19bfd2c65f89db2d001472a3031fa2237d209cefa3c5e9a8b4e9390bddece9e
c396dd721c8f0a0c26522807b8e06f77402599674004b4e70318ebd9958a1e82