www.reverse-engineer.net Open in urlscan Pro
104.18.11.73  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://t.co/cHEFLKsvlw Page URL
2. https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	cHEFLKsvlw t.co/	356 B 691 B	876ms 390ms	Document text/html	104.244.42.197 TWITTER
General Check archive.org Show headers Download Go to Full URL https://t.co/cHEFLKsvlw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.197 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_r / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers cache-control private,max-age=300 content-encoding gzip content-length 209 content-type text/html; charset=utf-8 date Thu, 24 Aug 2023 06:43:41 GMT expires Thu, 24 Aug 2023 06:48:42 GMT perf 7626143928 server tsa_r strict-transport-security max-age=0 vary Origin x-connection-hash 17b084a1281936bcfbd4943ea14cbe5e8ee049ec6d4491ba680e5805d2c9744c x-response-time 153 x-transaction-id 4bb4f14390e8fd03 x-xss-protection 0
GET H2	200	Primary Request hexorcism-training Show response www.reverse-engineer.net/	93 KB 15 KB	1595ms 1070ms	Document text/html	104.18.11.73 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Requested by Host: t.co URL: https://t.co/cHEFLKsvlw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.73 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e9430f060a62b0a96e24748c0bc6dec6008bca61bc9f08c7c3485e400ec3270 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options ALLOWALL X-Xss-Protection 1; mode=block Request headers Referer https://t.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers cache-control max-age=0, private, must-revalidate cf-cache-status DYNAMIC cf-ray 7fb99f62bcbaa943-SYD content-encoding gzip content-type text/html; charset=utf-8 date Thu, 24 Aug 2023 06:43:44 GMT etag W/"a9eba09f3e31534bebdbf627a8e9f5db" link <https://cdn.podia.com/assets/legacy/site-d49596523d9c2cb6a193816b56ed80a27279af8b58daf5530c899e182622ead1.css>; rel=preload; as=style; nopush,<https://cdn.podia.com/assets/user-site-11189591e72bc9d1076a2b0bfcb50c79089a55efdc7aab2cbb792384fb79ae62.js>; rel=preload; as=script; nopush,<https://cdn.podia.com/assets/storefront-70025f78be6235d633126f37f5c5197a036b503e71534549a1e37fca893f9789.js>; rel=preload; as=script; nopush referrer-policy strict-origin-when-cross-origin server cloudflare strict-transport-security max-age=63072000; includeSubDomains vary Accept-Encoding via 1.1 vegur x-content-type-options nosniff x-download-options noopen x-frame-options ALLOWALL x-permitted-cross-domain-policies none x-request-id 7f56ba4a-293e-41d1-900d-07b1198653de x-runtime 0.292082 x-xss-protection 1; mode=block
GET H2	200	site-d49596523d9c2cb6a193816b56ed80a27279af8b58daf5530c899e182622ead1.css cdn.podia.com/assets/legacy/	287 KB 48 KB	908ms 207ms	Stylesheet text/css	13.33.88.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.podia.com/assets/legacy/site-d49596523d9c2cb6a193816b56ed80a27279af8b58daf5530c899e182622ead1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-101.sin2.r.cloudfront.net Software cloudflare / Resource Hash df0236ae51447618fab3fba4f7e8f59cbcad53d94fdab10b5d3cc0ee1d14ba8a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 18 Aug 2023 17:46:12 GMT access-control-request-method GET,OPTIONS content-encoding gzip strict-transport-security max-age=63072000; includeSubDomains cf-cache-status MISS via 1.1 vegur, 1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 478652 x-cache Hit from cloudfront content-length 48204 last-modified Fri, 18 Aug 2023 17:39:09 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7f8bf9899acba029-SIN x-amz-cf-id nphkCeJ7cmP-4h_FQmeGsLj_hmRQyD450PsqyrQzC_540go7rl98Ag== expires Sat, 17 Aug 2024 17:43:21 +0000
GET H2	200	user-site-11189591e72bc9d1076a2b0bfcb50c79089a55efdc7aab2cbb792384fb79ae62.js Show response cdn.podia.com/assets/	226 KB 73 KB	1084ms 382ms	Script application/javascript	13.33.88.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.podia.com/assets/user-site-11189591e72bc9d1076a2b0bfcb50c79089a55efdc7aab2cbb792384fb79ae62.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-101.sin2.r.cloudfront.net Software cloudflare / Resource Hash d1ac43d94ed873f1ac029bd7431fc6435700ba6bab5d3d6d8119cedcffdbf3b1 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Tue, 15 Aug 2023 19:16:36 GMT access-control-request-method GET,OPTIONS content-encoding gzip strict-transport-security max-age=63072000; includeSubDomains cf-cache-status MISS via 1.1 vegur, 1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 732428 x-cache Hit from cloudfront content-length 74130 last-modified Wed, 03 May 2023 15:27:51 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7f73c5da5a184070-SIN x-amz-cf-id uxBT7whgt4hCxMDJajZDo1nyslejkQdJMzLMdxqPb8-4iNMHPWaxTw== expires Wed, 14 Aug 2024 18:57:39 +0000
GET H2	200	storefront-70025f78be6235d633126f37f5c5197a036b503e71534549a1e37fca893f9789.js Show response cdn.podia.com/assets/	2 MB 500 KB	939ms 238ms	Script application/javascript	13.33.88.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.podia.com/assets/storefront-70025f78be6235d633126f37f5c5197a036b503e71534549a1e37fca893f9789.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-101.sin2.r.cloudfront.net Software cloudflare / Resource Hash 21f5bc433794a393aa0a511432460c27d79a39ac62d221799ffd41d7171fda1a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Wed, 23 Aug 2023 09:02:14 GMT access-control-request-method GET,OPTIONS content-encoding gzip strict-transport-security max-age=63072000; includeSubDomains cf-cache-status MISS via 1.1 vegur, 1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 78090 x-cache Hit from cloudfront content-length 511268 last-modified Wed, 23 Aug 2023 08:55:12 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7fb22ce17a393e4d-SIN x-amz-cf-id gQdkvrRUqMkvJZ9h8mIsCaFSSuFi0qlsyslszOgDciD60Z1OAVIoGQ== expires Thu, 22 Aug 2024 08:59:25 +0000
GET H2	200	js Show response www.googletagmanager.com/gtag/	179 KB 65 KB	873ms 196ms	Script application/javascript	172.217.194.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-166919446-1 Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f97.1e100.net Software Google Tag Manager / Resource Hash f3202a04e3f330c458f30ba05f5ee3dce33a767470ff38641411324c57544b1e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 06:43:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66489 x-xss-protection 0 last-modified Thu, 24 Aug 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 24 Aug 2023 06:43:44 GMT
GET H2	200	/ Show response js.stripe.com/v3/	523 KB 129 KB	606ms 214ms	Script text/javascript	13.227.254.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-117.sin52.r.cloudfront.net Software Cloudfront / Resource Hash 7022e1fb2a6e8876c7293303f39adad42ddf6a2b4b1148551970f55b3c3034f4 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Thu, 24 Aug 2023 06:42:59 GMT via 1.1 75c2742886aa426af3e0688fa2a8677a.cloudfront.net (CloudFront) x-amz-cf-pop SIN52-C3 age 46 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 23 Aug 2023 20:31:57 GMT server Cloudfront etag W/"a0b082e9c003f2faa9ce0b70a6e3095d" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id 0oP0ae-dhMftHoRg67fS0f-RuOG8hXoAcef23KxweqlIC0qZWW3utg==
GET H2	200	checkout.js Show response www.paypalobjects.com/api/	1 MB 204 KB	736ms 245ms	Script application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/api/checkout.js Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3802b7c6e393f1eda09bdabeecc73640dcf633c7c1dc9136d182052e18e158bd Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 06:43:44 GMT content-encoding br via 1.1 varnish, 1.1 varnish x-content-type-options nosniff strict-transport-security max-age=31557600 x-cache HIT, HIT paypal-debug-id af87e20b2088f dc ccg11-origin-www-1.paypal.com content-length 208208 x-served-by cache-sjc10020-SJC, cache-bfi-krnt7300045-BFI last-modified Wed, 24 May 2023 16:43:28 GMT traceparent 00-0000000000000000000af87e20b2088f-690d9cd6f58c2223-01 x-timer S1692859425.787838,VS0,VE2 etag W/"646e3eb0-16d204" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token x-cache-hits 12529, 1
GET H2	200	E-v1.js Show response fast.wistia.com/assets/external/	727 KB 124 KB	1007ms 232ms	Script text/javascript	151.101.66.132 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.wistia.com/assets/external/E-v1.js Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.132 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 1428c764fa520f9a7bf13ea371e0eb71365c230adeb091bfb5eb87276c4db838 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 06:43:45 GMT content-encoding br via 1.1 varnish, 1.1 varnish strict-transport-security max-age=0 age 3481 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 126634 x-served-by cache-iad-kcgs7200073-IAD, cache-bfi-kbfi7400045-BFI x-browser-version 116 last-modified Wed, 23 Aug 2023 15:44:51 GMT server AmazonS3 x-timer S1692859425.072034,VS0,VE0 etag "2218f6301ff16065d2918c04222b752a" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=3600 x-browser chrome asset-version c6040cc1b3d07af2a0a5a9c7926728809951e67f x-ecma-v modern accept-ranges bytes timing-allow-origin * x-cache-hits 5, 129
GET H2	200	api.js Show response www.google.com/recaptcha/	918 B 904 B	867ms 190ms	Script text/javascript	172.253.118.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f104.1e100.net Software GSE / Resource Hash 5127ccc03b5071b62a398e95ff3e387af8cc87e8fa260f66191d36347a106f63 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 06:43:44 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 582 x-xss-protection 1; mode=block expires Thu, 24 Aug 2023 06:43:44 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	216 KB 77 KB	204ms 203ms	Script application/javascript	172.217.194.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-FT67P4T53P&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-166919446-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f97.1e100.net Software Google Tag Manager / Resource Hash da60fd65e904ae7126c521f4162f205cd470bd94f287c2e9807529a7a78b01ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 06:43:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78773 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 24 Aug 2023 06:43:45 GMT
GET H2	200	pptm.js Show response www.paypal.com/tagmanager/	12 KB 6 KB	4765ms 4263ms	Script application/x-javascript	151.101.65.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/tagmanager/pptm.js?id=www.reverse-engineer.net&source=checkoutjs&t=xo&v=4.0.338 Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/api/checkout.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-E9IUEbjzCNlNqjQYe0HyPkzt6PsPgQQGy4UTE9bNivLMjv1P' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-E9IUEbjzCNlNqjQYe0HyPkzt6PsPgQQGy4UTE9bNivLMjv1P' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; content-encoding gzip x-content-type-options nosniff date Thu, 24 Aug 2023 06:43:50 GMT via 1.1 varnish, 1.1 varnish strict-transport-security max-age=63072000; includeSubDomains; preload age 0 x-cache HIT, HIT paypal-debug-id f571775fe9488 server-timing content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com content-length 4299 x-xss-protection 1; mode=block x-served-by cache-bur-kbur8200115-BUR, cache-bfi-krnt7300062-BFI accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f571775fe9488-219693620f9c2320-01 x-timer S1692859430.984306,VS0,VE203 etag W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=3600 origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes x-cache-hits 2, 1
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/	450 KB 182 KB	4679ms 182ms	Script text/javascript	74.125.200.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f94.1e100.net Software sffe / Resource Hash 9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.reverse-engineer.net/ Origin https://www.reverse-engineer.net accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sun, 20 Aug 2023 12:17:23 GMT content-encoding gzip x-content-type-options nosniff age 325587 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 185519 x-xss-protection 0 last-modified Thu, 17 Aug 2023 18:11:22 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 19 Aug 2024 12:17:23 GMT
POST H2	204	collect www.google-analytics.com/g/	0 177 B	4703ms 246ms	Ping text/plain	142.251.12.113 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-FT67P4T53P&gtm=45je38l0&_p=924986543&cid=615337743.1692859426&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692859425&sct=1&seg=0&dl=https%3A%2F%2Fwww.reverse-engineer.net%2Fhexorcism-training%3Fcoupon%3DSUMMER40&dr=https%3A%2F%2Ft.co%2F&dt=Hexorcism%20Reverse%20Engineering%20Training&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-FT67P4T53P&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f113.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers pragma no-cache date Thu, 24 Aug 2023 06:43:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.reverse-engineer.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	4442ms 186ms	Script text/javascript	142.251.12.113 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-166919446-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f113.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 24 Aug 2023 06:04:12 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 2378 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 24 Aug 2023 08:04:12 GMT
GET H2	200	m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response js.stripe.com/v3/ Frame E27E	200 B 1 KB	3994ms 3994ms	Document text/html	13.227.254.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-117.sin52.r.cloudfront.net Software Cloudfront / Resource Hash f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.reverse-engineer.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1538 alt-svc h3=":443"; ma=86400 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 24 Aug 2023 06:18:12 GMT etag "93afeeb17bc37e711759584dbfc50d47" last-modified Fri, 11 Aug 2023 20:01:24 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 75c2742886aa426af3e0688fa2a8677a.cloudfront.net (CloudFront) x-amz-cf-id oKNqspa57sQYD7-Irwg2EgRI4yJS0VXm_Sz849OxtC3qRbNvDz46YQ== x-amz-cf-pop SIN52-C3 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	avenir-next-lt-pro-medium-e33d26f597a0825f3d4c4110471bea77530691d8b63f56a0f3e22fb7ef646e21.woff2 cdn.podia.com/assets/avenir-next/	37 KB 37 KB	4571ms 377ms	Font application/font-woff2	13.33.88.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.podia.com/assets/avenir-next/avenir-next-lt-pro-medium-e33d26f597a0825f3d4c4110471bea77530691d8b63f56a0f3e22fb7ef646e21.woff2 Requested by Host: cdn.podia.com URL: https://cdn.podia.com/assets/legacy/site-d49596523d9c2cb6a193816b56ed80a27279af8b58daf5530c899e182622ead1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-101.sin2.r.cloudfront.net Software cloudflare / Resource Hash 5dc4afef6c0c19c055b4e1f30290ff0e15d2595591802941c592ae8fd557cd24 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers Referer https://cdn.podia.com/assets/legacy/site-d49596523d9c2cb6a193816b56ed80a27279af8b58daf5530c899e182622ead1.css Origin https://www.reverse-engineer.net accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sun, 13 Aug 2023 23:05:41 GMT access-control-request-method GET,OPTIONS via 1.1 vegur, 1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront) strict-transport-security max-age=63072000; includeSubDomains cf-cache-status MISS x-amz-cf-pop SIN2-P2 age 891489 x-cache Hit from cloudfront content-length 37656 last-modified Wed, 03 May 2023 15:27:51 GMT server cloudflare access-control-max-age 7200 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin * access-control-expose-headers cache-control public, max-age=31536000 vary Accept-Encoding accept-ranges bytes cf-ray 7f649aab2fed3fa4-SIN x-amz-cf-id 4XPd7HR_UfLAEGzdcP_3lK8xrAVXa-0ibF0y-pRBmtWno4EO0Q4n7w== expires Mon, 12 Aug 2024 01:30:41 +0000
GET H2	200	hexorcism-training Show response www.reverse-engineer.net/	2 KB 1 KB	4559ms 4559ms	XHR application/json	104.18.11.73 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Requested by Host: cdn.podia.com URL: https://cdn.podia.com/assets/storefront-70025f78be6235d633126f37f5c5197a036b503e71534549a1e37fca893f9789.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.73 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc29e1ff574f20e50ba12c5fda1553bd76ecca7fc62d6bf17c7fcc9eaabe98f6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options ALLOWALL X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 X-Requested-With XMLHttpRequest X-CSRF-Token fqp5aLXPQbvTRzSr59HC-9LHsuz8unwt0f6r80C1Swqi-uYbfGmT4GREbJ8wxKCw46_A9OCMxm02T54oFq2YtQ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 06:43:50 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains via 1.1 vegur x-permitted-cross-domain-policies none cf-cache-status DYNAMIC x-xss-protection 1; mode=block x-request-id 25ab5f95-e65a-4ba5-b8ae-7244de5938e5 x-runtime 0.429847 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"2a96a413704823eda8d498481e96cb17" x-download-options noopen x-frame-options ALLOWALL vary Accept,Accept-Encoding content-type application/json; charset=utf-8 cache-control max-age=0, private, must-revalidate cf-ray 7fb99f8cff4ea943-SYD
GET H2	200	Kh3NZZ5sJZp6VpefwtjGGXCN d31ezp3r8jwmks.cloudfront.net/	608 KB 609 KB	5162ms 1038ms	Image image/jpeg	13.225.0.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d31ezp3r8jwmks.cloudfront.net/Kh3NZZ5sJZp6VpefwtjGGXCN Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.0.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-0-13.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash db50693553ac5f97f15d92341159d0e355d132566b3b155403d93164ce123619 Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-amz-version-id null date Thu, 24 Aug 2023 06:43:51 GMT via 1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront) last-modified Thu, 07 May 2020 15:27:18 GMT server AmazonS3 x-amz-cf-pop SIN52-C2 etag "6c5a8d3f6032c5cd6569f63bbd528820" x-cache RefreshHit from cloudfront content-type image/jpeg accept-ranges bytes content-length 622293 x-amz-cf-id hl4YZfl5D2H7x5V-9RYCOAHXOpEoXc0715AqnhrgmbUCNveXhHJZNw==
GET H2	200	eqmhj3vx7di0fx7bv04nd90d9jb7 d31ezp3r8jwmks.cloudfront.net/	215 KB 216 KB	5302ms 1179ms	Image image/jpeg	13.225.0.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d31ezp3r8jwmks.cloudfront.net/eqmhj3vx7di0fx7bv04nd90d9jb7 Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.0.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-0-13.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash 272eea83ceb375e8edd433874f1361ed1abf6728df278bf09b40ce9a3cc7c0f1 Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-amz-version-id bdcDixOfP1q.8qCRcoPLptzHmJH7dDxN date Thu, 24 Aug 2023 06:43:51 GMT via 1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront) last-modified Thu, 11 Nov 2021 14:45:34 GMT server AmazonS3 x-amz-cf-pop SIN52-C2 etag "9d4bc680c4d209dc12b4995aaf336260" x-cache RefreshHit from cloudfront content-type image/jpeg content-disposition inline; filename="ali.jpg"; filename*=UTF-8''ali.jpg accept-ranges bytes content-length 220656 x-amz-cf-id 90VZKfGHatcVnVt43d3G4OmBQGWFHLhrjuK8KkqMyDGhM4AmZSYeeg==
GET H2	200	ye16j1pku5a0zk02g3ehybpdqxli d31ezp3r8jwmks.cloudfront.net/	130 KB 130 KB	5302ms 1179ms	Image image/jpeg	13.225.0.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d31ezp3r8jwmks.cloudfront.net/ye16j1pku5a0zk02g3ehybpdqxli Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.0.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-0-13.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash 78572533d0156257473d173b19efae5bb24642211ee08c8c9d1caaaab0c6281a Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-amz-version-id nFzch7DdxK6DWl92y1ZLY5YdQkrc1JrD date Thu, 24 Aug 2023 06:43:51 GMT via 1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront) last-modified Thu, 11 Nov 2021 14:45:59 GMT server AmazonS3 x-amz-cf-pop SIN52-C2 etag "39fa99e9dcc5ba6b8c35317c6429baa0" x-cache RefreshHit from cloudfront content-type image/jpeg content-disposition inline; filename="Oliver.jpg"; filename*=UTF-8''Oliver.jpg accept-ranges bytes content-length 132711 x-amz-cf-id VpE7opcJ_gXjaWleQRHQMMVpGADhZnkqzzTJhsUL4AQH2X_uhGoHeA==
GET H2	200	jce8x0j882gatjqcf4zx5l5k03p3 d31ezp3r8jwmks.cloudfront.net/	275 KB 276 KB	5302ms 1179ms	Image image/jpeg	13.225.0.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d31ezp3r8jwmks.cloudfront.net/jce8x0j882gatjqcf4zx5l5k03p3 Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.0.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-0-13.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash 62d1831e7f110ef93da99a30ebdaafc1fcb3dcb12a076163b02a79997240e2f8 Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-amz-version-id mgkrhOdiXxIT4YB6kIEliKfkpC9aI__X date Thu, 24 Aug 2023 06:43:51 GMT via 1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront) last-modified Thu, 11 Nov 2021 14:46:20 GMT server AmazonS3 x-amz-cf-pop SIN52-C2 etag "b7aad6e24c66587212151d035bd8aad4" x-cache RefreshHit from cloudfront content-type image/jpeg content-disposition inline; filename="Kris.jpg"; filename*=UTF-8''Kris.jpg accept-ranges bytes content-length 281973 x-amz-cf-id ZDPgrJ9yscnFeorR1vz5otpVxD7UoNJ2TTI4Tkgfk76zPfe7Y4p2cA==
GET H2	200	0d7z4v4juewhetezgwyzz9ng9b0i d31ezp3r8jwmks.cloudfront.net/	157 KB 157 KB	4340ms 217ms	Image image/png	13.225.0.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d31ezp3r8jwmks.cloudfront.net/0d7z4v4juewhetezgwyzz9ng9b0i Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.0.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-0-13.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash c4838ce62cb520b4023a49e6275e69d3f9fa887ad787a773a7f2b2e57ebc8b9c Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-amz-version-id miRyDZyVg5PSe0fZf2Ki1PKeV1zibJ72 date Wed, 23 Aug 2023 08:29:01 GMT via 1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront) last-modified Thu, 11 Nov 2021 14:40:45 GMT server AmazonS3 x-amz-cf-pop SIN52-C2 age 80090 etag "e1638381d8848c66f06522336e571235" x-cache Hit from cloudfront content-type image/png content-disposition inline; filename="SoT41HsEVjGFkLUYGTv5MZBS.png"; filename*=UTF-8''SoT41HsEVjGFkLUYGTv5MZBS.png accept-ranges bytes content-length 160398 x-amz-cf-id Dc0X9B04_tcpGi3fcf4Y0KkQOWXl23P8WHlYjcKDoUyW64Z0DAqRmw==
GET H2	200	oaqukgmfezb6gieez6nb837h22ye d31ezp3r8jwmks.cloudfront.net/	308 KB 309 KB	4339ms 217ms	Image image/jpeg	13.225.0.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d31ezp3r8jwmks.cloudfront.net/oaqukgmfezb6gieez6nb837h22ye Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.0.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-0-13.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash 75cdda6b882a7db7a1f2012c09c6f516f8507868c5cfc7de70881f879b26bfeb Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-amz-version-id akeNEPu8fnWSsIKRSfwoY62lekHwDeE8 date Wed, 23 Aug 2023 09:03:12 GMT via 1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront) last-modified Thu, 11 Nov 2021 13:32:49 GMT server AmazonS3 x-amz-cf-pop SIN52-C2 age 78039 etag "922cdf4ebe9e2fab7b46519e4c4366d6" x-cache Hit from cloudfront content-type image/jpeg content-disposition inline; filename="hexorcist_square_1024.jpg"; filename*=UTF-8''hexorcist_square_1024.jpg accept-ranges bytes content-length 315416 x-amz-cf-id 96ZzLM3DR_sZn-rpciK6n5MIO3h8kMG9n6uoxshOqKu8AWvc7UNVMg==
GET H2	200	default-product-image-470e0be38421d2cee5192eec5333f7b8f81f94e4363082c7193104d5ffc3aaa9.png cdn.podia.com/assets/legacy/	17 KB 17 KB	3922ms 3921ms	Image image/png	13.33.88.101 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.podia.com/assets/legacy/default-product-image-470e0be38421d2cee5192eec5333f7b8f81f94e4363082c7193104d5ffc3aaa9.png Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-101.sin2.r.cloudfront.net Software cloudflare / Resource Hash ae6261a5d534d0b085a38f5f2561511f312cbb220f7aaec78b885510597b2e6c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 03 Feb 2023 01:44:11 GMT access-control-request-method GET,OPTIONS via 1.1 vegur, 1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront) strict-transport-security max-age=63072000; includeSubDomains cf-cache-status MISS x-amz-cf-pop SIN2-P2 age 17470778 x-cache Hit from cloudfront content-length 17061 last-modified Thu, 08 Dec 2022 17:41:14 GMT server cloudflare vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 79377ad968e149de-SIN x-amz-cf-id BNimFxcDhbX3DoXyJTiX3is-sfpa2CgnoA0GN4LsAD_jATzMuH0ITQ== expires Fri, 02 Feb 2024 18:24:11 +0000
GET H2	200	SjZVeqgAYLmqgvDawBciJ3gK d31ezp3r8jwmks.cloudfront.net/	221 KB 221 KB	796ms 796ms	Image image/jpeg	13.225.0.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d31ezp3r8jwmks.cloudfront.net/SjZVeqgAYLmqgvDawBciJ3gK Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.0.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-0-13.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash 3efe4ec0524b282b72917f1621d724122052bdae3639cc678f984ad264aaa54a Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers x-amz-version-id null date Wed, 23 Aug 2023 08:29:01 GMT via 1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront) last-modified Thu, 14 May 2020 17:31:59 GMT server AmazonS3 x-amz-cf-pop SIN52-C2 age 80090 etag "ea71e3a33f8902cf7ed73b2e9abb49af" x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 226140 x-amz-cf-id kjAcr89I1tAq0t3M8akJS0lgsrlWoKYvn3EdxENdiWZC50QNka7chA==
GET H2	200	icon-32-chat-away-3PNJTD4Z.digested.svg Show response www.reverse-engineer.net/assets/	1 KB 867 B	4516ms 4516ms	Fetch image/svg+xml	104.18.11.73 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.reverse-engineer.net/assets/icon-32-chat-away-3PNJTD4Z.digested.svg Requested by Host: cdn.podia.com URL: https://cdn.podia.com/assets/storefront-70025f78be6235d633126f37f5c5197a036b503e71534549a1e37fca893f9789.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.73 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec852fc032098a9cd912327ed2848477375386687c762997d547eca2c0c23778 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 06:43:50 GMT access-control-request-method GET,OPTIONS via 1.1 vegur strict-transport-security max-age=63072000; includeSubDomains last-modified Wed, 03 May 2023 15:27:51 GMT server cloudflare cf-cache-status MISS content-encoding gzip vary Origin, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7fb99f8cff4fa943-SYD expires Thu, 22 Aug 2024 21:40:43 +0000
GET H2	200	chat-shadow-J63PXG73.digested.png www.reverse-engineer.net/assets/	12 KB 13 KB	4544ms 4543ms	Image image/png	104.18.11.73 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.reverse-engineer.net/assets/chat-shadow-J63PXG73.digested.png Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.73 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c50dbc983683a1d5b2191cac24e8f734aeced655641ff1a901b8610adf79e682 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 06:43:50 GMT access-control-request-method GET,OPTIONS via 1.1 vegur strict-transport-security max-age=63072000; includeSubDomains last-modified Wed, 03 May 2023 15:27:48 GMT server cloudflare cf-cache-status MISS vary Origin, Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7fb99f8cff50a943-SYD content-length 12736 expires Thu, 22 Aug 2024 21:40:43 +0000
GET H2	200	avenir-next-lt-pro-bold-c8fad797d3f08277ccd1ddf711710447806de4dcfc712b5614456e2e7e3a7950.woff2 cdn.podia.com/assets/avenir-next/	41 KB 41 KB	4321ms 204ms	Font application/font-woff2	13.33.88.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.podia.com/assets/avenir-next/avenir-next-lt-pro-bold-c8fad797d3f08277ccd1ddf711710447806de4dcfc712b5614456e2e7e3a7950.woff2 Requested by Host: cdn.podia.com URL: https://cdn.podia.com/assets/legacy/site-d49596523d9c2cb6a193816b56ed80a27279af8b58daf5530c899e182622ead1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-101.sin2.r.cloudfront.net Software cloudflare / Resource Hash b67e27973f895e05de64722ea987a78c12f15fe60554dfa6342966318cc34bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers Referer https://cdn.podia.com/assets/legacy/site-d49596523d9c2cb6a193816b56ed80a27279af8b58daf5530c899e182622ead1.css Origin https://www.reverse-engineer.net accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Mon, 14 Aug 2023 01:15:15 GMT access-control-request-method GET,OPTIONS via 1.1 vegur, 1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront) strict-transport-security max-age=63072000; includeSubDomains cf-cache-status MISS x-amz-cf-pop SIN2-P2 age 883715 x-cache Hit from cloudfront content-length 41531 last-modified Wed, 03 May 2023 15:27:51 GMT server cloudflare access-control-max-age 7200 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin * access-control-expose-headers cache-control public, max-age=31536000 vary Accept-Encoding accept-ranges bytes cf-ray 7f655879999c8976-SIN x-amz-cf-id T3fjnIfPRLmQdvcHVDXu6M9whN5vtJqm4w73tyuZeEWiJjn597E1PA== expires Tue, 13 Aug 2024 01:08:39 +0000
GET H2	200	avenir-next-lt-pro-medium-italic-6107d082bf0a38170101800dd164e8631c9b278693e928aa85035d811b8e666a.woff2 cdn.podia.com/assets/avenir-next/	38 KB 39 KB	4352ms 235ms	Font application/font-woff2	13.33.88.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.podia.com/assets/avenir-next/avenir-next-lt-pro-medium-italic-6107d082bf0a38170101800dd164e8631c9b278693e928aa85035d811b8e666a.woff2 Requested by Host: cdn.podia.com URL: https://cdn.podia.com/assets/legacy/site-d49596523d9c2cb6a193816b56ed80a27279af8b58daf5530c899e182622ead1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-101.sin2.r.cloudfront.net Software cloudflare / Resource Hash 862b7d2222c2106c746b108415e74d0d71fe76e98c83b69b3bf0721bffae4db3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers Referer https://cdn.podia.com/assets/legacy/site-d49596523d9c2cb6a193816b56ed80a27279af8b58daf5530c899e182622ead1.css Origin https://www.reverse-engineer.net accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Sun, 26 Feb 2023 20:53:18 GMT access-control-request-method GET,OPTIONS via 1.1 vegur, 1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront) strict-transport-security max-age=63072000; includeSubDomains cf-cache-status MISS x-amz-cf-pop SIN2-P2 age 15414632 x-cache Hit from cloudfront content-length 39245 last-modified Thu, 08 Dec 2022 17:41:13 GMT server cloudflare access-control-max-age 7200 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin * access-control-expose-headers cache-control public, max-age=31536000 vary Accept-Encoding accept-ranges bytes cf-ray 79fb91c03bef9e47-SIN x-amz-cf-id aYzIRkl1Vh-crqsc30Qegh_60J7Etn8i4VG26Co4i4JyC7lakBpcTQ== expires Mon, 26 Feb 2024 11:40:27 +0000
GET H3	200	m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response js.stripe.com/v3/fingerprinted/js/ Frame E27E	631 B 997 B	197ms 197ms	Script text/javascript	13.227.254.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.254.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-117.sin52.r.cloudfront.net Software Cloudfront / Resource Hash 250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Thu, 24 Aug 2023 06:18:13 GMT x-content-type-options nosniff via 1.1 1d57d3cbfc5a5b868b460784e4cd7888.cloudfront.net (CloudFront) age 1538 x-amz-cf-pop SIN52-C3 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 631 last-modified Fri, 11 Aug 2023 20:01:22 GMT server Cloudfront etag "f8f6a4584135f737b26927596ce6e0a7" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id mauQnm_eistSVbyZ_6rn30Hwtu2o9kPXdlh0kC0LD7vdahkHp7il9Q==
POST H2	200	csp-report q.stripe.com/ Frame E27E	0 716 B	746ms 248ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: t.co URL: https://t.co/cHEFLKsvlw Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Content-Type application/csp-report Response headers date Thu, 24 Aug 2023 06:43:50 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1692859430882143 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1692859430881541 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame E27E	0 717 B	744ms 247ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: t.co URL: https://t.co/cHEFLKsvlw Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Content-Type application/csp-report Response headers date Thu, 24 Aug 2023 06:43:50 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1692859430881865 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1692859430881632 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	inner.html Show response m.stripe.network/ Frame 9558	930 B 1 KB	747ms 243ms	Document text/html	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes age 206 cache-control max-age=300, public content-encoding br content-length 540 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 24 Aug 2023 06:43:50 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 varnish x-cache HIT x-cache-hits 73 x-content-type-options nosniff x-request-id 591bf86d-99dc-4c18-b5ce-a01f6bc8556f x-served-by cache-bfi-krnt7300024-BFI x-timer S1692859431.887166,VS0,VE0
GET H2	200	ts t.paypal.com/	42 B 728 B	550ms 255ms	Image image/gif	192.229.232.89 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Hexorcism%20Reverse%20Engineering%20Training&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1692859430409&g=-480&completeurl=https%3A%2F%2Fwww.reverse-engineer.net%2Fhexorcism-training%3Fcoupon%3DSUMMER40&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.232.89 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E7B0) / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers pragma no-cache date Thu, 24 Aug 2023 06:43:50 GMT strict-transport-security max-age=63072000; includeSubDomains; preload correlation-id 37a4fe6c273b5 server ECAcc (nwa/E7B0) traceparent 00-000000000000000000037a4fe6c273b5-27348e23834d294a-01 vary Accept-Encoding p3p CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 37a4fe6c273b5 content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate server-timing content-encoding;desc="", x-cdn;desc="edgecast" timing-allow-origin * expires Thu, 24 Aug 2023 06:43:50 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 91 B	187ms 187ms	XHR text/plain	142.251.12.113 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=924986543&t=pageview&_s=1&dl=https%3A%2F%2Fwww.reverse-engineer.net%2Fhexorcism-training%3Fcoupon%3DSUMMER40&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Hexorcism%20Reverse%20Engineering%20Training&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=516761860&gjid=650640896&cid=615337743.1692859426&tid=UA-166919446-1&_gid=909280489.1692859431&_r=1&gtm=457e38l0h1&jsscut=1&z=1410663311 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f113.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.reverse-engineer.net/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 24 Aug 2023 06:43:50 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.reverse-engineer.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ec.js Show response www.google-analytics.com/plugins/ua/	3 KB 1 KB	189ms 189ms	Script text/javascript	142.251.12.113 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ec.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f113.1e100.net Software sffe / Resource Hash 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Thu, 24 Aug 2023 05:53:52 GMT content-encoding br x-content-type-options nosniff age 2998 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1129 x-xss-protection 0 last-modified Tue, 27 Jun 2023 17:28:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 24 Aug 2023 06:53:52 GMT
GET H2	200	collect www.google-analytics.com/	35 B 132 B	186ms 186ms	Image image/gif	142.251.12.113 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=924986543&t=event&ni=1&cu=EUR&_s=2&dl=https%3A%2F%2Fwww.reverse-engineer.net%2Fhexorcism-training%3Fcoupon%3DSUMMER40&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Hexorcism%20Reverse%20Engineering%20Training&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=engagement&ea=view_item&ev=0&_u=aCDAAUALAAAAACAMI~&jid=&gjid=&cid=615337743.1692859426&tid=UA-166919446-1&_gid=909280489.1692859431&gtm=457e38l0h1&jsscut=1&tr=2%2C698.20&pa=detail&pr1cc=SUMMER40&pr1pr=4%2C497.00&pr1qt=1&pr1id=358373&pr1nm=Hexorcist%20Online%20Reverse%20Engineering%20Training&z=2000396842 Requested by Host: www.reverse-engineer.net URL: https://www.reverse-engineer.net/hexorcism-training?coupon=SUMMER40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f113.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://www.reverse-engineer.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers pragma no-cache date Wed, 23 Aug 2023 14:02:49 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 60061 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	csp-report q.stripe.com/ Frame 9558	0 490 B	247ms 247ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: t.co URL: https://t.co/cHEFLKsvlw Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Content-Type application/csp-report Response headers date Thu, 24 Aug 2023 06:43:51 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1692859431141109 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin x-stripe-server-envoy-upstream-service-time-ms 0 x-stripe-client-envoy-start-time-us 1692859431140488 cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none expires 0
GET H2	200	out-4.5.43.js Show response m.stripe.network/ Frame 9558	87 KB 15 KB	243ms 243ms	Script text/javascript	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.43.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Thu, 24 Aug 2023 06:43:51 GMT x-content-type-options nosniff content-encoding br via 1.1 varnish age 117 x-cache HIT content-length 15509 x-request-id 379fbbee-2336-4da8-8286-d53088e365e2 x-served-by cache-bfi-krnt7300024-BFI server Fastly x-timer S1692859431.138808,VS0,VE0 vary Accept-Encoding, Origin content-type text/javascript; charset=utf-8 cache-control max-age=300, public accept-ranges bytes x-cache-hits 42
POST H2	200	6 Show response m.stripe.com/ Frame 9558	156 B 669 B	766ms 268ms	XHR application/json	34.209.176.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.209.176.83 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-209-176-83.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 584b21ffcfbf1f08a1db784b1950d3ed76c435ddc5d60066a30bf6e251395350 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color blue date Thu, 24 Aug 2023 06:43:52 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1692859432006734 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1692859432006231 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST		collect www.google-analytics.com/g/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.google-analytics.com

URL

https://www.google-analytics.com/g/collect?v=2&tid=G-FT67P4T53P&gtm=45je38l0&_p=924986543&cid=615337743.1692859426&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=2&cu=EUR&sid=1692859425&sct=1&seg=0&dl=https%3A%2F%2Fwww.reverse-engineer.net%2Fhexorcism-training%3Fcoupon%3DSUMMER40&dr=https%3A%2F%2Ft.co%2F&dt=Hexorcism%20Reverse%20Engineering%20Training&uid=&en=view_item&_ee=1&pr1=cpSUMMER40~k0currency~v0EUR~ds1%2C798.80~lp0~id358373~nmHexorcist%20Online%20Reverse%20Engineering%20Training~pr4%2C497.00~qt1&ep.value=2%2C698.20&_et=4837