Submitted URL: http://study.pocketprep.com/
Effective URL: https://study.pocketprep.com/
Submission: On November 28 via api from US — Scanned from DE

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 49 HTTP transactions. The main IP is 216.24.57.253, located in Sweden and belongs to RENDER, US. The main domain is study.pocketprep.com. The Cisco Umbrella rank of the primary domain is 726288.
TLS certificate: Issued by E1 on October 30th 2023. Valid for: 3 months.
This is the only time study.pocketprep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 216.24.57.253 397273 (RENDER)
3 108.138.36.74 16509 (AMAZON-02)
1 108.138.36.15 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.186.249.72 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 54.187.119.242 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 151.101.192.176 54113 (FASTLY)
2 44.238.254.194 16509 (AMAZON-02)
2 3.228.185.195 14618 (AMAZON-AES)
1 99.84.88.124 16509 (AMAZON-02)
3 34.102.193.164 396982 (GOOGLE-CL...)
4 35.193.143.25 396982 (GOOGLE-CL...)
2 99.84.88.63 16509 (AMAZON-02)
1 34.206.254.231 14618 (AMAZON-AES)
49 20
Apex Domain
Subdomains
Transfer
12 pocketprep.com
study.pocketprep.com — Cisco Umbrella Rank: 726288
api.pocketprep.com — Cisco Umbrella Rank: 435445
2 MB
8 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1287
q.stripe.com — Cisco Umbrella Rank: 7148
m.stripe.com — Cisco Umbrella Rank: 1249
143 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
22 KB
4 es.io
02267bab2da349af88ebdb936d687066.apm.us-central1.gcp.cloud.es.io — Cisco Umbrella Rank: 770851
101 B
3 leanplum.com
api.leanplum.com — Cisco Umbrella Rank: 9561
964 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
192 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2317
274 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1771
api-iam.intercom.io — Cisco Umbrella Rank: 2191
6 KB
2 sprig.com
api.sprig.com — Cisco Umbrella Rank: 4514
681 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1354
16 KB
1 browser-update.org
browser-update.org — Cisco Umbrella Rank: 7487
5 KB
1 sentry.io
o354983.ingest.sentry.io — Cisco Umbrella Rank: 840173
333 B
1 impactcdn.com
utt.impactcdn.com — Cisco Umbrella Rank: 3163
14 KB
1 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2260
1 tapfiliate.com
script.tapfiliate.com — Cisco Umbrella Rank: 33924
4 KB
49 15
Domain Requested by
8 study.pocketprep.com 1 redirects study.pocketprep.com
5 www.google-analytics.com www.googletagmanager.com
study.pocketprep.com
4 02267bab2da349af88ebdb936d687066.apm.us-central1.gcp.cloud.es.io study.pocketprep.com
4 api.pocketprep.com study.pocketprep.com
3 api.leanplum.com study.pocketprep.com
3 q.stripe.com study.pocketprep.com
3 www.googletagmanager.com study.pocketprep.com
www.googletagmanager.com
3 js.stripe.com study.pocketprep.com
js.stripe.com
2 js.intercomcdn.com widget.intercom.io
2 api.sprig.com study.pocketprep.com
2 m.stripe.com m.stripe.network
2 m.stripe.network js.stripe.com
m.stripe.network
2 region1.google-analytics.com www.googletagmanager.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io study.pocketprep.com
1 browser-update.org study.pocketprep.com
1 o354983.ingest.sentry.io study.pocketprep.com
1 utt.impactcdn.com study.pocketprep.com
1 script.crazyegg.com study.pocketprep.com
1 script.tapfiliate.com study.pocketprep.com
49 20

This site contains no links.

Subject Issuer Validity Valid
study.pocketprep.com
E1
2023-10-30 -
2024-01-28
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2023-10-30 -
2024-01-25
3 months crt.sh
backend.tapfiliate.com
Amazon RSA 2048 M01
2023-10-04 -
2024-11-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-09 -
2024-03-08
a year crt.sh
utt.impactcdn.com
GTS CA 1D4
2023-11-07 -
2024-02-05
3 months crt.sh
api.pocketprep.com
E1
2023-10-30 -
2024-01-28
3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-02 -
2024-12-02
a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-10-09 -
2024-01-18
3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2023-10-05 -
2024-01-18
3 months crt.sh
istio-gateway.sprig.com
Amazon RSA 2048 M01
2023-05-23 -
2024-06-20
a year crt.sh
*.intercom.com
Amazon RSA 2048 M02
2023-02-14 -
2024-03-14
a year crt.sh
*.leanplum.com
Sectigo RSA Domain Validation Secure Server CA
2023-11-08 -
2024-12-08
a year crt.sh
*.us-central1.gcp.elastic-cloud.com
R3
2023-10-09 -
2024-01-07
3 months crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01
2023-02-21 -
2024-01-29
a year crt.sh

This page contains 4 frames:

Primary Page: https://study.pocketprep.com/
Frame ID: 3D6A98FCDB534C61904F0BB86AFD4B21
Requests: 38 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 84F1AA11CDF86FD67008F7CBFB2E53ED
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: C9EF83A8471F5A3636CAC0C0086C6BEB
Requests: 5 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.c232aefb.js
Frame ID: F3EB62DCB537559FB8583A8BA85F03B2
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Sign In | Pocket Prep

Page URL History Show full URLs

  1. http://study.pocketprep.com/ HTTP 301
    https://study.pocketprep.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

49
Requests

100 %
HTTPS

26 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

2833 kB
Transfer

7488 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://study.pocketprep.com/ HTTP 301
    https://study.pocketprep.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
study.pocketprep.com/
Redirect Chain
  • http://study.pocketprep.com/
  • https://study.pocketprep.com/
6 KB
2 KB
Document
General
Full URL
https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
311cf85a79b213b3e726fab4306e5f21aa1829dbcdc1690c3702c6407ac1083c
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.pocketprep.com
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
82d56bde6d403673-FRA
content-encoding
br
content-security-policy
frame-ancestors *.pocketprep.com
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 20:39:38 GMT
etag
W/"176a-18bd9f2fbf0"
last-modified
Thu, 16 Nov 2023 21:04:22 GMT
rndr-id
ce81440d-e8d0-4c69
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-render-origin-server
Render

Redirect headers

CF-Cache-Status
DYNAMIC
CF-Ray
82d56bdbc89d1e6e-FRA
Connection
keep-alive
Content-Length
64
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Nov 2023 20:39:37 GMT
Location
https://study.pocketprep.com/
Server
cloudflare
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
/
js.stripe.com/v3/
556 KB
137 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-74.muc50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
16125b67dd44a6df2eadad443e941af6085d45a67fad4421f2160d92fe605278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:38 GMT
content-encoding
br
via
1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
54
x-amz-cf-pop
MUC50-P2
x-cache
Hit from cloudfront
last-modified
Tue, 21 Nov 2023 22:18:19 GMT
server
Cloudfront
etag
W/"e28d4375fad3ffbfb5f7bdf0303a2787"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
M-qX5JMv2iQ8Mh5SW51heBqUs8Xdsvf-9lzMQ71g8XkDYHgWFlR1tA==
tapfiliate.js
script.tapfiliate.com/
11 KB
4 KB
Script
General
Full URL
https://script.tapfiliate.com/tapfiliate.js
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-15.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44798a517a7c8d28c1e371a1b8b869bae1608bd48df7ed50800cbed8703612c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:01:41 GMT
content-encoding
gzip
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 12:34:24 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
67097
etag
W/"ddbb39a9e8e67d5067145f8aa76b938d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
eTA2B3ROZggS2_wnOZfksIcHPuSPUcpdks_ctEaJfIqJzQ7hN70sAw==
index-34c20ef9.js
study.pocketprep.com/assets/
4 MB
2 MB
Script
General
Full URL
https://study.pocketprep.com/assets/index-34c20ef9.js
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a0c4db33c3ff16e6dc3830bdf17e4cc140e8f4dfa96d81895fc97150ddea2ab7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.pocketprep.com
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://study.pocketprep.com/
Origin
https://study.pocketprep.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:38 GMT
content-security-policy
frame-ancestors *.pocketprep.com
content-encoding
br
cf-cache-status
DYNAMIC
rndr-id
76d57a62-eb40-4ed3
x-powered-by
Express
x-render-origin-server
Render
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 21:04:22 GMT
server
cloudflare
etag
W/"427948-18bd9f2fbf0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
cf-ray
82d56bdfbeac3673-FRA
index-6adde5e9.css
study.pocketprep.com/assets/
400 KB
60 KB
Stylesheet
General
Full URL
https://study.pocketprep.com/assets/index-6adde5e9.css
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adde5e9c6dd67dba2dfc2c973bd3d6ce86dc4d8154f4376dc0067705c76e1b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.pocketprep.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:38 GMT
content-security-policy
frame-ancestors *.pocketprep.com
content-encoding
br
cf-cache-status
DYNAMIC
rndr-id
71b5e182-af9a-44f3
x-powered-by
Express
x-render-origin-server
Render
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 21:04:22 GMT
server
cloudflare
etag
W/"63e8f-18bd9f2fbf0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
cf-ray
82d56bdfbeaa3673-FRA
js
www.googletagmanager.com/gtag/
132 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-74206600-7
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0edd74b9540c45379c1cfb83ed8b6c39871aa35bc68e087856dc9f4ed0e12f44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51431
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Nov 2023 20:39:38 GMT
gtm.js
www.googletagmanager.com/
157 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W6D2M8H
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
578039ed9a518894772ff0cc5af8a9df60a51f5e1b9815ce9ba20a97e7468978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58602
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Nov 2023 20:39:38 GMT
5158.js
script.crazyegg.com/pages/scripts/0114/
0
0
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0114/5158.js
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Nov 2023 20:39:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
82d56be2998e2be2-FRA
content-length
0
A4097096-9b4f-412a-b9c8-27c35eb11b5a1.js
utt.impactcdn.com/
43 KB
14 KB
Script
General
Full URL
https://utt.impactcdn.com/A4097096-9b4f-412a-b9c8-27c35eb11b5a1.js
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
de006b9160fb802ca93b67d7560245af752fdb7e1828b4d48cde0986bcc7af99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:38 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPq_Y_6LhuBFwX08mIigKNE7dOjLVCA9_m5nWJrJ1Sm8FOHG7C_KdRjLri_pVSO8xtSXFqS0PhzT76qYzs9TlPqJJMnl5L4W
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13875
last-modified
Wed, 24 May 2023 19:41:45 GMT
server
UploadServer
etag
"6508a0565b0f4782fa20bcb29b950b95"
vary
Accept-Encoding
x-goog-generation
1684957305342852
x-goog-hash
crc32c=/AQLQw==, md5=ZQigVlsPR4L6ILyym5ULlQ==
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
13875
accept-ranges
bytes
expires
Tue, 28 Nov 2023 20:44:38 GMT
js
www.googletagmanager.com/gtag/
242 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-02T845ZJWL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74206600-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9f069525baa1df374204c88123c09ca1855552b4c33f7c223e44080c99b15a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85759
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Nov 2023 20:39:38 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74206600-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 19:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3000
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 28 Nov 2023 21:49:38 GMT
Bundle
api.pocketprep.com/api/classes/ Frame
0
0
Preflight
General
Full URL
https://api.pocketprep.com/api/classes/Bundle
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent,tracestate
Access-Control-Request-Method
POST
Origin
https://study.pocketprep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, X-Parse-Request-Id, Content-Type, Pragma, Cache-Control, tracestate, traceparent
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Parse-Job-Status-Id, X-Parse-Push-Status-Id
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82d56be5dbc52bf8-FRA
content-encoding
br
content-type
text/plain; charset=utf-8
date
Tue, 28 Nov 2023 20:39:39 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
rndr-id
a9fafdd7-3cc2-475a
server
cloudflare
vary
Accept-Encoding
x-powered-by
Express
x-render-origin-server
Render
ExamMetadata
api.pocketprep.com/api/classes/ Frame
0
0
Preflight
General
Full URL
https://api.pocketprep.com/api/classes/ExamMetadata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent,tracestate
Access-Control-Request-Method
POST
Origin
https://study.pocketprep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, X-Parse-Request-Id, Content-Type, Pragma, Cache-Control, tracestate, traceparent
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Parse-Job-Status-Id, X-Parse-Push-Status-Id
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82d56be5dbc42bf8-FRA
content-encoding
br
content-type
text/plain; charset=utf-8
date
Tue, 28 Nov 2023 20:39:39 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
rndr-id
7b382b6d-8ceb-405f
server
cloudflare
vary
Accept-Encoding
x-powered-by
Express
x-render-origin-server
Render
/
o354983.ingest.sentry.io/api/5683021/envelope/
2 B
333 B
Fetch
General
Full URL
https://o354983.ingest.sentry.io/api/5683021/envelope/?sentry_key=032c61e917284f32803cd5a84fcba4e0&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.44.2
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://study.pocketprep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
3
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
truncated
/
17 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2515ccb98ce975359deef37683f096f610ff5d76cf9d97b85dd2da0255d2b81

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
17 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d701c8fc862918cf65105a74801e662a4272cc8c9db3696b1a3b02c65587c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
18 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1559e1a83d1b1f8bbd61d84cc393ecce14949af1b494b77f89e6c7a878207968

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
18 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b88be5f6bae2daf4d8b37f1b07f1c82d76567e6fc5a6ddbcb3264fcec429b679

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
17 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e01150c170b5cf8104ddcb5248dd6e07597c9272b17a7d9744fa32b9edc769bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
18 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a25f8e2c86b5caf2c3d875885d701d2c0711bd9162a8d9578d558873617f468a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
Bundle
api.pocketprep.com/api/classes/
17 KB
3 KB
XHR
General
Full URL
https://api.pocketprep.com/api/classes/Bundle
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/assets/index-34c20ef9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b5aabd5469196b8ba212e36b9ddb11bbd72ff1e841e9e5300a73773d8a28b688

Request headers

Referer
https://study.pocketprep.com/
tracestate
es=s:1
traceparent
00-5faa00982b1478991ede61a42b9b6c33-7a866a1c085c62a6-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
x-render-origin-server
Render
content-encoding
br
cf-cache-status
DYNAMIC
rndr-id
b49d1914-50e6-4372
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"42b2-0ZDaP5/c1RUPbhFPWP1ZCQotjJw"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Parse-Job-Status-Id, X-Parse-Push-Status-Id
cf-ray
82d56be71d5b2bf8-FRA
access-control-allow-headers
X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, X-Parse-Request-Id, Content-Type, Pragma, Cache-Control, tracestate, traceparent
muli-700-f1a5a314.woff2
study.pocketprep.com/assets/
17 KB
17 KB
Font
General
Full URL
https://study.pocketprep.com/assets/muli-700-f1a5a314.woff2
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/assets/index-6adde5e9.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f1a5a314f2b48700b2a7196174fe0b7e86150e94868d6104443f703c2ddb8340
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.pocketprep.com
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://study.pocketprep.com/assets/index-6adde5e9.css
Origin
https://study.pocketprep.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
content-security-policy
frame-ancestors *.pocketprep.com
cf-cache-status
DYNAMIC
rndr-id
5c75acbb-d87b-406e
x-powered-by
Express
x-render-origin-server
Render
alt-svc
h3=":443"; ma=86400
content-length
16940
last-modified
Thu, 16 Nov 2023 21:04:22 GMT
server
cloudflare
etag
W/"422c-18bd9f2fbf0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
82d56be4eac39202-FRA
muli-600-162ee14d.woff2
study.pocketprep.com/assets/
16 KB
17 KB
Font
General
Full URL
https://study.pocketprep.com/assets/muli-600-162ee14d.woff2
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/assets/index-6adde5e9.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
162ee14d681b89bb98ca8e192336e04113ab844b88f5da0b59f8fd7d4b5e7738
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.pocketprep.com
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://study.pocketprep.com/assets/index-6adde5e9.css
Origin
https://study.pocketprep.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
content-security-policy
frame-ancestors *.pocketprep.com
cf-cache-status
DYNAMIC
rndr-id
33241ee5-6a61-47c0
x-powered-by
Express
x-render-origin-server
Render
alt-svc
h3=":443"; ma=86400
content-length
16828
last-modified
Thu, 16 Nov 2023 21:04:22 GMT
server
cloudflare
etag
W/"41bc-18bd9f2fbf0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
82d56be4eac49202-FRA
burger-78562542.svg
study.pocketprep.com/assets/
1 KB
814 B
Image
General
Full URL
https://study.pocketprep.com/assets/burger-78562542.svg
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/sign-in?redirect=/study
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
78562542977270a92c790cc6a44a17d245393d9b8040e909ddc1b2db934ae1f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.pocketprep.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/sign-in?redirect=/study
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
content-security-policy
frame-ancestors *.pocketprep.com
content-encoding
br
cf-cache-status
DYNAMIC
rndr-id
c18fe394-478e-4906
x-powered-by
Express
x-render-origin-server
Render
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 21:04:22 GMT
server
cloudflare
etag
W/"538-18bd9f2fbf0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=0
cf-ray
82d56be4fac79202-FRA
logo-e71728d7.svg
study.pocketprep.com/assets/
11 KB
5 KB
Image
General
Full URL
https://study.pocketprep.com/assets/logo-e71728d7.svg
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/sign-in?redirect=/study
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e71728d7ae02c33d2dddd5ec65c5cf744025806d53e15b5d1cc73291811f9b1d
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.pocketprep.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/sign-in?redirect=/study
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
content-security-policy
frame-ancestors *.pocketprep.com
content-encoding
br
cf-cache-status
DYNAMIC
rndr-id
aca5f741-0c54-4d7e
x-powered-by
Express
x-render-origin-server
Render
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 21:04:22 GMT
server
cloudflare
etag
W/"2ada-18bd9f2fbf0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=0
cf-ray
82d56be4fac89202-FRA
ExamMetadata
api.pocketprep.com/api/classes/
418 KB
68 KB
XHR
General
Full URL
https://api.pocketprep.com/api/classes/ExamMetadata
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/assets/index-34c20ef9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
952566a79b0ca867e543d330b6f208a110d90668319910dfa4b581ab1bae2e31

Request headers

Referer
https://study.pocketprep.com/
tracestate
es=s:1
traceparent
00-5faa00982b1478991ede61a42b9b6c33-96ca2dda89a32436-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
x-render-origin-server
Render
content-encoding
br
cf-cache-status
DYNAMIC
rndr-id
bdd70a86-c585-4471
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"68686-E/US0NXbi3QeLJ+Deu32VRsUMWQ"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Parse-Job-Status-Id, X-Parse-Push-Status-Id
cf-ray
82d56be70d4c2bf8-FRA
access-control-allow-headers
X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, X-Parse-Request-Id, Content-Type, Pragma, Cache-Control, tracestate, traceparent
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 84F1
200 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-74.muc50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://study.pocketprep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3510
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 19:41:10 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Thu, 16 Nov 2023 21:49:01 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
x-amz-cf-id
2NYGPtgmd97oZVUVNIwEbDEqvCRvj1UHfd73StbV2rmfAosE7zhSVg==
x-amz-cf-pop
MUC50-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
update.min.js
browser-update.org/
9 KB
5 KB
Script
General
Full URL
https://browser-update.org/update.min.js
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3ed6fe6c571fcd206ddc31e5bfa22aa77fad2f4ef11cf9c4ef5f3fa3e32df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 05:32:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2379342
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q8pCDdBMBL%2FQKbgPNHkPMEzMF6clOPhnTcsCQBdgGHoNmJon5XePcGanEqzNbHnNyd3Rux0M5btWP4ZPA5X%2B3G9wdtLkcdxDd9qwnnUnuHMMKJGR7KJ%2FwWbWuA5svg5aN5OEZ61Zc77K%2FHavxh1qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
content-disposition
inline; filename=update.min.js
cf-ray
82d56be57934923b-FRA
expires
Thu, 02 Nov 2023 07:43:57 GMT
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 84F1
631 B
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-74.muc50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:20:27 GMT
via
1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1640
x-amz-cf-pop
MUC50-P2
x-cache
Hit from cloudfront
content-length
631
last-modified
Fri, 10 Nov 2023 21:04:40 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
PUOFnC9v3Njs0oo6Zp8UwB8dhBjrHEMtqRXKS1CLlQRPxhLZjHgHyw==
csp-report
q.stripe.com/ Frame 84F1
0
715 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701203979654538
x-envoy-upstream-service-time
6
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1701203979652226
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 84F1
0
715 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701203979656510
x-envoy-upstream-service-time
7
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1701203979652240
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
collect
www.google-analytics.com/j/
1 B
147 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2126106518&t=pageview&_s=1&dl=https%3A%2F%2Fstudy.pocketprep.com%2Fsign-in%3Fredirect%3D%2Fstudy&ul=en-us&de=UTF-8&dt=Sign%20In%20%7C%20Pocket%20Prep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1342435131&gjid=1914722232&cid=147432880.1701203979&tid=UA-74206600-7&_gid=1038495879.1701203979&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=491796187
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/assets/index-34c20ef9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://study.pocketprep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 20:39:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://study.pocketprep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
70 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2126106518&t=pageview&_s=1&dl=https%3A%2F%2Fstudy.pocketprep.com%2Fsign-in%3Fredirect%3D%2Fstudy&ul=en-us&de=UTF-8&dt=Sign%20In%20%7C%20Pocket%20Prep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=864291775&gjid=2015751762&cid=147432880.1701203979&tid=UA-74206600-7&_gid=1038495879.1701203979&_r=1&_slc=1&gtm=45He3b81n81W6D2M8Hv811180196&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1283593724
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/assets/index-34c20ef9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://study.pocketprep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 20:39:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://study.pocketprep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2126106518&t=pageview&_s=2&dl=https%3A%2F%2Fstudy.pocketprep.com%2Fsign-in%3Fredirect%3D%2Fstudy&dp=%2F%2Fstudy&ul=en-us&de=UTF-8&dt=Sign%20In%20%7C%20Pocket%20Prep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=147432880.1701203979&tid=UA-74206600-7&_gid=1038495879.1701203979&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=194693213
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/sign-in?redirect=/study
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 21:35:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83073
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2126106518&t=pageview&_s=3&dl=https%3A%2F%2Fstudy.pocketprep.com%2Fsign-in%3Fredirect%3D%2Fstudy&dp=%2F%2Fsign-in%3Fredirect%3D%2Fstudy&ul=en-us&de=UTF-8&dt=Sign%20In%20%7C%20Pocket%20Prep&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=147432880.1701203979&tid=UA-74206600-7&_gid=1038495879.1701203979&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1474831128
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/sign-in?redirect=/study
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 21:35:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83073
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
257 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-02T845ZJWL&gtm=45je3b81v869163341&_p=1701203978506&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=147432880.1701203979&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701203979&sct=1&seg=0&dl=https%3A%2F%2Fstudy.pocketprep.com%2Fsign-in%3Fredirect%3D%2Fstudy&dt=Sign%20In%20%7C%20Pocket%20Prep&en=page_view&_fv=1&_ss=1&tfd=1685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-02T845ZJWL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 20:39:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://study.pocketprep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inner.html
m.stripe.network/ Frame C9EF
930 B
1 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
233
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 20:39:39 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
113
x-content-type-options
nosniff
x-request-id
a577ff23-ea1f-4c04-9b99-21fff2108a46
x-served-by
cache-cph2320052-CPH
x-timer
S1701203979.281649,VS0,VE0
csp-report
q.stripe.com/ Frame C9EF
0
491 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701203979654401
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1701203979652356
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame C9EF
87 KB
15 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 28 Nov 2023 20:39:39 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
251
x-cache
HIT
content-length
15509
x-request-id
3b25a8bb-b025-4830-82b2-74e2e691a66c
x-served-by
cache-cph2320052-CPH
server
Fastly
x-timer
S1701203979.333224,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
114
6
m.stripe.com/ Frame C9EF
156 B
670 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.254.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-254-194.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1c83e11cff4b026e56eaf78265efdcf89c08537d38f7f4be0d4ccb9dcf2cf5f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 28 Nov 2023 20:39:39 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701203979975754
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1701203979975441
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
config
api.sprig.com/sdk/1/environments/3nhI1T8-vLw2/ Frame
0
0
Preflight
General
Full URL
https://api.sprig.com/sdk/1/environments/3nhI1T8-vLw2/config
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.185.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-185-195.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method
GET
Origin
https://study.pocketprep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Tue, 28 Nov 2023 20:39:39 GMT
server
istio-envoy
timing-allow-origin
https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary
Access-Control-Request-Headers
x-envoy-upstream-service-time
2
vtm81di8
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/vtm81di8
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-124.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c1724145fe4881cf51d8df2065cc541f2c7c292c6e51de591257e8dd47d4b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
vEGm0ouSSmjcIe2iCfBYqwiTmhm62x9W
content-encoding
gzip
via
1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
date
Tue, 28 Nov 2023 20:35:09 GMT
x-amz-cf-pop
MUC50-C1
age
274
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2705
last-modified
Tue, 28 Nov 2023 14:39:28 GMT
server
AmazonS3
etag
"a15f94a69f1cc346eb5d81bed1d6a46d"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
pZeD5ArDtJLEhieKgRAod_7iU2yx1rwe-WdGo7EigkovDj1DuBqaFw==
config
api.sprig.com/sdk/1/environments/3nhI1T8-vLw2/
313 B
681 B
Fetch
General
Full URL
https://api.sprig.com/sdk/1/environments/3nhI1T8-vLw2/config
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/assets/index-34c20ef9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.185.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-185-195.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
5deb5c4b2649203aba6f751346a65dcce1cb84b647e164dd4bc44c1414ce6d51

Request headers

x-ul-visitor-id
8b69cef0-22c7-42ec-b739-5cf1282b3f9e
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json
x-ul-installation-method
web-npm
Referer
https://study.pocketprep.com/
x-ul-sdk-version
2.24.10
x-ul-environment-id
3nhI1T8-vLw2
userleap-platform
web

Response headers

date
Tue, 28 Nov 2023 20:39:40 GMT
server
istio-envoy
etag
W/"139-px+gvQYk4MMOoaNf4YYpko+n8oA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
129
timing-allow-origin
https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
content-length
313
api
api.leanplum.com/
453 B
402 B
XHR
General
Full URL
https://api.leanplum.com/api?appId=app_606NtgbrrztUQPiSZ5V0GFK7GLgrmK3jmTgxfLvs9jg&client=js&clientKey=prod_6TxrmRCL86GcN4QMRhrZlqnTu4ZvrAv6oeOrYTCkuto&sdkVersion=1.9.0&action=multi&time=1701203979.576
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/assets/index-34c20ef9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.193.164 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.193.102.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
68745398f1b9e5056c83c7d9014d0be7c5e748773e2c45eba647dee7eda0e752

Request headers

Referer
https://study.pocketprep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
content-encoding
gzip
via
1.1 google
server
istio-envoy
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
203
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
api
api.leanplum.com/
181 B
365 B
XHR
General
Full URL
https://api.leanplum.com/api?appId=app_606NtgbrrztUQPiSZ5V0GFK7GLgrmK3jmTgxfLvs9jg&client=js&clientKey=prod_6TxrmRCL86GcN4QMRhrZlqnTu4ZvrAv6oeOrYTCkuto&sdkVersion=1.9.0&action=multi&time=1701203979.577
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/assets/index-34c20ef9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.193.164 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.193.102.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
0b1ff1396c0f0e253064d7972c7ebcc1472d6ca76d0c8191ab91dfcc1db6fd38

Request headers

Referer
https://study.pocketprep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 20:39:39 GMT
content-encoding
gzip
via
1.1 google
server
istio-envoy
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
67
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
events
02267bab2da349af88ebdb936d687066.apm.us-central1.gcp.cloud.es.io/intake/v2/rum/
0
40 B
Fetch
General
Full URL
https://02267bab2da349af88ebdb936d687066.apm.us-central1.gcp.cloud.es.io/intake/v2/rum/events
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/assets/index-34c20ef9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.193.143.25 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.143.193.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Content-Encoding
gzip
Referer
https://study.pocketprep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-ndjson

Response headers

access-control-allow-origin
https://study.pocketprep.com
date
Tue, 28 Nov 2023 20:39:40 GMT
x-cloud-request-id
OvwuvoFcSS-CuwP0zyCmLQ
x-content-type-options
nosniff
x-found-handling-instance
instance-0000000009
x-found-handling-cluster
02267bab2da349af88ebdb936d687066
content-length
0
events
02267bab2da349af88ebdb936d687066.apm.us-central1.gcp.cloud.es.io/intake/v2/rum/ Frame
0
0
Preflight
General
Full URL
https://02267bab2da349af88ebdb936d687066.apm.us-central1.gcp.cloud.es.io/intake/v2/rum/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.193.143.25 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.143.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://study.pocketprep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Content-Encoding, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://study.pocketprep.com
access-control-expose-headers
Etag
access-control-max-age
3600
content-length
0
date
Tue, 28 Nov 2023 20:39:40 GMT
vary
Origin
x-cloud-request-id
bJvncpN9Sd-eQy60Eo06QA
x-content-type-options
nosniff
x-found-handling-cluster
02267bab2da349af88ebdb936d687066
x-found-handling-instance
instance-0000000009
frame-modern.c232aefb.js
js.intercomcdn.com/ Frame F3EB
514 KB
143 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.c232aefb.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/vtm81di8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-63.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da51284dfdb3d0175df06ad8eaaa4c6fb8ddb28baef1da2b7bf6b48bc6e03c2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
G_1_XVhL.vSfRq56_BhO1ZsFvB0cGBXu
content-encoding
gzip
via
1.1 04033844f25f5e47de102de77d8b5f4c.cloudfront.net (CloudFront)
date
Tue, 28 Nov 2023 20:39:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-C1
age
9
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145297
last-modified
Tue, 28 Nov 2023 14:36:53 GMT
server
AmazonS3
etag
"02acf7dff13c9ac9180d2e9d2fb06f31"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
Xni8bzZVYoGjDPI6MGuQHhrNNNsi9Xmd0hV9ayXV0yrwE3-39mNmmA==
vendor-modern.689650c5.js
js.intercomcdn.com/ Frame F3EB
426 KB
131 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.689650c5.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/vtm81di8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-63.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a98b0d22fb50853a6fbb1a665e510a9595d2dae5f86a5774f8f0c2f701955532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9tYAPQIxXteWoLaSDpXLwgSyAUpknMzo
content-encoding
gzip
via
1.1 04033844f25f5e47de102de77d8b5f4c.cloudfront.net (CloudFront)
date
Tue, 28 Nov 2023 19:45:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-C1
age
3349
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
133792
last-modified
Tue, 21 Nov 2023 15:41:26 GMT
server
AmazonS3
etag
"d0a2ac2a870e5d8e688aada7a9b12be6"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
Bru-Ut2oYJIpwUNz9yi1ApB6ysnQRseOQ6sMuKhcGCcmxG-L5SymXA==
api
api.leanplum.com/
124 B
197 B
XHR
General
Full URL
https://api.leanplum.com/api?appId=app_606NtgbrrztUQPiSZ5V0GFK7GLgrmK3jmTgxfLvs9jg&client=js&clientKey=prod_6TxrmRCL86GcN4QMRhrZlqnTu4ZvrAv6oeOrYTCkuto&sdkVersion=1.9.0&action=multi&time=1701203979.577
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/assets/index-34c20ef9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.193.164 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.193.102.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
dc0fe0536494f33a2ca53bb2c4865ab095d7ec75518d2ef5d216837f399bd15a

Request headers

Referer
https://study.pocketprep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 20:39:40 GMT
content-encoding
gzip
via
1.1 google
server
istio-envoy
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
51
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ping
api-iam.intercom.io/messenger/web/ Frame F3EB
5 KB
3 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c232aefb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.206.254.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-254-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
df885e17d19207746f0c0cb7ef3803f25da217e97567b77095c8bc620b343639
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 28 Nov 2023 20:39:40 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-04a854e2814815766
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0000o6edmp2bn1ci5m8g
x-runtime
0.253861
server
nginx
etag
W/"df885e17d19207746f0c0cb7ef3803f2"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://study.pocketprep.com
x-intercom-version
f01e309d51c6d50949c82504c2594b0f949581d8
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
events
02267bab2da349af88ebdb936d687066.apm.us-central1.gcp.cloud.es.io/intake/v2/rum/
0
61 B
Fetch
General
Full URL
https://02267bab2da349af88ebdb936d687066.apm.us-central1.gcp.cloud.es.io/intake/v2/rum/events
Requested by
Host: study.pocketprep.com
URL: https://study.pocketprep.com/assets/index-34c20ef9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.193.143.25 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.143.193.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Content-Encoding
gzip
Referer
https://study.pocketprep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-ndjson

Response headers

access-control-allow-origin
https://study.pocketprep.com
date
Tue, 28 Nov 2023 20:39:41 GMT
x-cloud-request-id
JxTRhO8ERgyjl3ySTtPgHA
x-content-type-options
nosniff
x-found-handling-instance
instance-0000000009
x-found-handling-cluster
02267bab2da349af88ebdb936d687066
content-length
0
events
02267bab2da349af88ebdb936d687066.apm.us-central1.gcp.cloud.es.io/intake/v2/rum/ Frame
0
0
Preflight
General
Full URL
https://02267bab2da349af88ebdb936d687066.apm.us-central1.gcp.cloud.es.io/intake/v2/rum/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.193.143.25 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.143.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://study.pocketprep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Content-Encoding, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://study.pocketprep.com
access-control-expose-headers
Etag
access-control-max-age
3600
content-length
0
date
Tue, 28 Nov 2023 20:39:40 GMT
vary
Origin
x-cloud-request-id
JO2VwYwATrqapYiknJ_T-Q
x-content-type-options
nosniff
x-found-handling-cluster
02267bab2da349af88ebdb936d687066
x-found-handling-instance
instance-0000000009
6
m.stripe.com/ Frame C9EF
156 B
669 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.254.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-254-194.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1c83e11cff4b026e56eaf78265efdcf89c08537d38f7f4be0d4ccb9dcf2cf5f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 28 Nov 2023 20:39:43 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701203983635871
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1701203983635596
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-02T845ZJWL&gtm=45je3b81v869163341&_p=1701203978506&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=147432880.1701203979&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAI&_s=2&sid=1701203979&sct=1&seg=0&dl=https%3A%2F%2Fstudy.pocketprep.com%2Fsign-in%3Fredirect%3D%2Fstudy&dt=Sign%20In%20%7C%20Pocket%20Prep&en=scroll&epn.percent_scrolled=90&_et=3&tfd=6688
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-02T845ZJWL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://study.pocketprep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 20:39:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://study.pocketprep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| webpackChunkStripeJSouter function| noop function| Stripe function| gtag object| dataLayer object| intercomSettings function| Intercom object| $buoop function| $buo_f string| TapfiliateObject function| tap string| ire_o function| ire object| urlParams object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| elasticApm object| _lastElementInsertedByStyleLoader function| Litepicker object| __SENTRY__ object| regeneratorRuntime function| UserLeap function| Sprig boolean| __VUE__ object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres function| ImpactRadiusEvent object| irEvent function| __intercomAssignLocation function| __intercomReloadLocation

13 Cookies

Domain/Path Name / Value
.pocketprep.com/ Name: _gid
Value: GA1.2.1038495879.1701203979
.pocketprep.com/ Name: _gat_gtag_UA_74206600_7
Value: 1
.pocketprep.com/ Name: _gat_UA-74206600-7
Value: 1
.pocketprep.com/ Name: _ga
Value: GA1.1.147432880.1701203979
.pocketprep.com/ Name: _ga_02T845ZJWL
Value: GS1.1.1701203979.1.0.1701203979.0.0.0
.pocketprep.com/ Name: IR_gbd
Value: pocketprep.com
.pocketprep.com/ Name: IR_18999
Value: 1701203979162%7C0%7C1701203979162%7C%7C
m.stripe.com/ Name: m
Value: c09afe52-cee7-4dbe-a98d-5a71d2ae7fc6259cf3
.study.pocketprep.com/ Name: __stripe_mid
Value: f559bba9-0d50-4bc7-bd4c-8c8f8046dabf153114
.study.pocketprep.com/ Name: __stripe_sid
Value: bc10bbdc-308e-4d5e-9c88-d352c8736e19424cee
.pocketprep.com/ Name: intercom-id-vtm81di8
Value: a788519b-267c-4a1e-9297-885d1e344755
.pocketprep.com/ Name: intercom-session-vtm81di8
Value:
.pocketprep.com/ Name: intercom-device-id-vtm81di8
Value: 97b865ed-32d6-4b2f-a2e2-6a5ad87105da

2 Console Messages

Source Level URL
Text
network error URL: https://script.crazyegg.com/pages/scripts/0114/5158.js
Message:
Failed to load resource: the server responded with a status of 410 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *.pocketprep.com
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02267bab2da349af88ebdb936d687066.apm.us-central1.gcp.cloud.es.io
api-iam.intercom.io
api.leanplum.com
api.pocketprep.com
api.sprig.com
browser-update.org
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
o354983.ingest.sentry.io
q.stripe.com
region1.google-analytics.com
script.crazyegg.com
script.tapfiliate.com
study.pocketprep.com
utt.impactcdn.com
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
108.138.36.15
108.138.36.74
151.101.192.176
2001:4860:4802:32::36
216.24.57.253
2606:4700:20::681a:6b4
2606:4700::6813:9408
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2008
3.228.185.195
34.102.193.164
34.120.195.249
34.206.254.231
35.186.249.72
35.193.143.25
44.238.254.194
54.187.119.242
99.84.88.124
99.84.88.63
0b1ff1396c0f0e253064d7972c7ebcc1472d6ca76d0c8191ab91dfcc1db6fd38
0edd74b9540c45379c1cfb83ed8b6c39871aa35bc68e087856dc9f4ed0e12f44
1559e1a83d1b1f8bbd61d84cc393ecce14949af1b494b77f89e6c7a878207968
16125b67dd44a6df2eadad443e941af6085d45a67fad4421f2160d92fe605278
162ee14d681b89bb98ca8e192336e04113ab844b88f5da0b59f8fd7d4b5e7738
1c1724145fe4881cf51d8df2065cc541f2c7c292c6e51de591257e8dd47d4b7f
1c83e11cff4b026e56eaf78265efdcf89c08537d38f7f4be0d4ccb9dcf2cf5f2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
311cf85a79b213b3e726fab4306e5f21aa1829dbcdc1690c3702c6407ac1083c
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3d701c8fc862918cf65105a74801e662a4272cc8c9db3696b1a3b02c65587c50
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44798a517a7c8d28c1e371a1b8b869bae1608bd48df7ed50800cbed8703612c1
578039ed9a518894772ff0cc5af8a9df60a51f5e1b9815ce9ba20a97e7468978
5deb5c4b2649203aba6f751346a65dcce1cb84b647e164dd4bc44c1414ce6d51
68745398f1b9e5056c83c7d9014d0be7c5e748773e2c45eba647dee7eda0e752
6adde5e9c6dd67dba2dfc2c973bd3d6ce86dc4d8154f4376dc0067705c76e1b2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78562542977270a92c790cc6a44a17d245393d9b8040e909ddc1b2db934ae1f0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
952566a79b0ca867e543d330b6f208a110d90668319910dfa4b581ab1bae2e31
a0c4db33c3ff16e6dc3830bdf17e4cc140e8f4dfa96d81895fc97150ddea2ab7
a25f8e2c86b5caf2c3d875885d701d2c0711bd9162a8d9578d558873617f468a
a98b0d22fb50853a6fbb1a665e510a9595d2dae5f86a5774f8f0c2f701955532
b5aabd5469196b8ba212e36b9ddb11bbd72ff1e841e9e5300a73773d8a28b688
b88be5f6bae2daf4d8b37f1b07f1c82d76567e6fc5a6ddbcb3264fcec429b679
c9f069525baa1df374204c88123c09ca1855552b4c33f7c223e44080c99b15a7
cc3ed6fe6c571fcd206ddc31e5bfa22aa77fad2f4ef11cf9c4ef5f3fa3e32df1
d2515ccb98ce975359deef37683f096f610ff5d76cf9d97b85dd2da0255d2b81
da51284dfdb3d0175df06ad8eaaa4c6fb8ddb28baef1da2b7bf6b48bc6e03c2f
dc0fe0536494f33a2ca53bb2c4865ab095d7ec75518d2ef5d216837f399bd15a
de006b9160fb802ca93b67d7560245af752fdb7e1828b4d48cde0986bcc7af99
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df885e17d19207746f0c0cb7ef3803f25da217e97567b77095c8bc620b343639
e01150c170b5cf8104ddcb5248dd6e07597c9272b17a7d9744fa32b9edc769bd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71728d7ae02c33d2dddd5ec65c5cf744025806d53e15b5d1cc73291811f9b1d
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f1a5a314f2b48700b2a7196174fe0b7e86150e94868d6104443f703c2ddb8340