urlscan.io logo urlscan.io
SecurityTrails logo

appointment-4.easymoney.university Open in urlscan Pro
76.76.21.61  Public Scan

Go To Rescan Add Verdict Report
URL: https://appointment-4.easymoney.university/
Submission: On May 19 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 6 countries across 20 domains to perform 65 HTTP transactions. The main IP is 76.76.21.61, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is appointment-4.easymoney.university.
TLS certificate: Issued by R3 on May 19th 2024. Valid for: 3 months.
This is the only time appointment-4.easymoney.university was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 76.76.21.61 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 151.101.65.195 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2606:4700:440... 13335 (CLOUDFLAR...)
2 65.9.95.20 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.195 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.66.164.63 16509 (AMAZON-02)
1 65.9.95.75 16509 (AMAZON-02)
1 172.217.16.130 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 142.250.185.99 15169 (GOOGLE)
1 54.91.69.209 14618 (AMAZON-AES)
1 216.58.206.68 15169 (GOOGLE)
1 51.77.64.70 16276 (OVH)
3 157.240.252.13 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 157.240.252.35 32934 (FACEBOOK)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 4 2600:9000:212... 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
65 28
14    76.76.21.61 (Walnut, United States)

ASN16509 (AMAZON-02, US)
appointment-4.easymoney.university
9    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    151.101.65.195 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.firebase.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2606:4700:4400::6812:25e0 (United States)

ASN13335 (CLOUDFLARENET, US)
wg216.infusionsoft.app
2    65.9.95.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-20.prg50.r.cloudfront.net
cdn.invitereferrals.com
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
www.gstatic.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.66.164.63 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-66-164-63.ap-south-1.compute.amazonaws.com
www.ref-r.com
1    65.9.95.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-75.prg50.r.cloudfront.net
widget.wickedreports.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
www.googleadservices.com
1    2606:4700:3035::6815:2f0c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.useproof.com
2    2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
www.google.de
1    54.91.69.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-69-209.compute-1.amazonaws.com
track.wickedreports.com
1    216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f4.1e100.net
www.google.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
3    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com
1    2606:4700:4400::ac40:9620 (United States)

ASN13335 (CLOUDFLARENET, US)
wg216.infusionsoft.app
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2600:9000:2127:fa00:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
1    2a05:d018:cc3:fe04:99ec:1363:e4b8:9afa (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
Apex Domain
Subdomains		 Transfer
14 easymoney.university
appointment-4.easymoney.university
5 MB
11 gstatic.com
www.gstatic.com
815 KB
5 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3361
d.adroll.com — Cisco Umbrella Rank: 1556
30 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
82 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
412 B
4 infusionsoft.app
wg216.infusionsoft.app
3 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
www.google.com — Cisco Umbrella Rank: 2
375 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
315 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 7810
126 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
409 B
2 wickedreports.com
widget.wickedreports.com — Cisco Umbrella Rank: 48913
track.wickedreports.com — Cisco Umbrella Rank: 72625
26 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
2 invitereferrals.com
cdn.invitereferrals.com — Cisco Umbrella Rank: 24708
9 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
46 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6182
194 B
1 useproof.com
cdn.useproof.com — Cisco Umbrella Rank: 74242
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
95 B
1 ref-r.com
www.ref-r.com — Cisco Umbrella Rank: 23568
945 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380
33 KB
1 firebase.com
cdn.firebase.com — Cisco Umbrella Rank: 79515
42 KB
65 20
Domain Requested by
14 appointment-4.easymoney.university appointment-4.easymoney.university
11 www.gstatic.com appointment-4.easymoney.university
www.gstatic.com
5 connect.facebook.net appointment-4.easymoney.university
connect.facebook.net
4 s.adroll.com 1 redirects appointment-4.easymoney.university
s.adroll.com
4 www.facebook.com appointment-4.easymoney.university
4 wg216.infusionsoft.app 1 redirects appointment-4.easymoney.university
wg216.infusionsoft.app
3 www.googletagmanager.com appointment-4.easymoney.university
www.google-analytics.com
2 www.google.de appointment-4.easymoney.university
2 region1.analytics.google.com www.googletagmanager.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google-analytics.com appointment-4.easymoney.university
www.google-analytics.com
2 cdn.invitereferrals.com appointment-4.easymoney.university
1 d.adroll.com s.adroll.com
1 cdnjs.cloudflare.com appointment-4.easymoney.university
1 pro.ip-api.com appointment-4.easymoney.university
1 www.google.com appointment-4.easymoney.university
1 track.wickedreports.com widget.wickedreports.com
1 cdn.useproof.com appointment-4.easymoney.university
1 www.googleadservices.com www.gstatic.com
1 widget.wickedreports.com appointment-4.easymoney.university
1 www.ref-r.com cdn.invitereferrals.com
1 ajax.googleapis.com appointment-4.easymoney.university
1 cdn.firebase.com appointment-4.easymoney.university
65 23

This site contains no links.

Subject Issuer Validity Valid
appointment-4.easymoney.university
R3		 2024-05-19 -
2024-08-17		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
auth.thevangoghstudio.com
GTS CA 1D4		 2024-04-23 -
2024-07-22		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-01 -
2024-07-30		 a year crt.sh
invitereferrals.com
Amazon RSA 2048 M03		 2024-03-28 -
2025-04-26		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-26 -
2024-05-26		 3 months crt.sh
widget.wickedreports.com
Amazon RSA 2048 M01		 2023-08-02 -
2024-08-30		 a year crt.sh
*.googleadservices.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
useproof.com
GTS CA 1P5		 2024-04-06 -
2024-07-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.de
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
track.wickedreports.com
Amazon RSA 2048 M03		 2024-01-23 -
2025-02-19		 a year crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-21 -
2025-01-20		 a year crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh

This page contains 3 frames:

Primary Page: https://appointment-4.easymoney.university/
Frame ID: 3D79D3D6BEBC28276FC59064691DD3A0
Requests: 64 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 4E8FE3D821FF742C566042C5B40E96F2
Requests: 1 HTTP requests in this frame

Frame: https://wg216.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: 571E129CD882EC752320A38465ADC66F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Quantum Growthâ„¢ By Easymoney University

Detected technologies

Overall confidence: 100%
Detected patterns
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

95 %
HTTPS

48 %
IPv6

20
Domains

23
Subdomains

28
IPs

6
Countries

6119 kB
Transfer

10709 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://s.adroll.com/j/pre/ZHX2BKGUNNEXDMYFVSC25O/DUXXGFEGF5B2NDSTQSAHWA/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 61
  • https://wg216.infusionsoft.app/app/webTracking/contact/1716131648008?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=appointment-4.easymoney.university&location=https://appointment-4.easymoney.university/&referrer= HTTP 302
  • https://wg216.infusionsoft.app/slices/spacer.gif

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
appointment-4.easymoney.university/ 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d2eee287f403b8acc340f7e6e6f3ac8a27cb8e73b52ad7d5d13dcb87da133205
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
43
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 19 May 2024 15:14:07 GMT
etag
W/"13dd49f6f4aff8ba665e5d7fd8edd748"
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
x-vercel-id
fra1::67cwg-1716131647265-280229584ed1
invite-referrals-1.0.js
appointment-4.easymoney.university/js/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/js/invite-referrals-1.0.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
2515e5fdb3d5f9735a581c54987fbc77cae991cac23fd33dccfebd96ef254c0d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::ds6pc-1716131647312-4d102df1b4dc
age
0
etag
W/"895acafdf508dcd3e6bc4e4380ba30d7"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="invite-referrals-1.0.js"
gtm.js
appointment-4.easymoney.university/js/ 		311 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/js/gtm.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3b420f497756f580773dbb836f79074631405547737b31928a2f3cd5e99322bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::cj6n7-1716131647312-507843992bed
age
0
etag
W/"7647d36c56811e318f674f3434231f4a"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="gtm.js"
firebase-app.js
www.gstatic.com/firebasejs/9.6.0/ 		50 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.6.0/firebase-app.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bfee8581a3b0759d02bf1019dd9a0abf9b0213b70675024de2c455cd4f8bfc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 11:40:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10807
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 22:45:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 May 2025 11:40:26 GMT
firebase.js
cdn.firebase.com/js/client/2.2.1/ 		126 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.firebase.com/js/client/2.2.1/firebase.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
518b731b6199f76c37019787532becd97b039fac1c702f0796cee256b95755f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
date
Sun, 19 May 2024 15:14:07 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
42203
x-served-by
cache-fra-etou8220088-FRA
last-modified
Wed, 15 Jul 2020 22:46:44 GMT
x-timer
S1716131647.405828,VS0,VE1
etag
"3f28a52a4862dcf057748c28f09e4a9a6d501c1cdd4e794e84507a42f71378aa"
vary
x-fh-requested-host, accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=432000
accept-ranges
bytes
x-cache-hits
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 22:58:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 22:58:13 GMT
firebase-app.js
www.gstatic.com/firebasejs/9.2.0/ 		58 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.2.0/firebase-app.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb98387940ae14afcfe6310255c5887dd866f7677172bddc7a7aa74aa485266f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 05:51:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13064
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 21:57:02 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 May 2025 05:51:17 GMT
firebase-firestore.js
www.gstatic.com/firebasejs/9.2.0/ 		745 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.2.0/firebase-firestore.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96deccf3b51c408b123f6724f0d870e7513c439c13f0bb7c7ba8d6fe53d75d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 18:37:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
189848
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 21:57:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 May 2025 18:37:26 GMT
firebase-firestore.js
www.gstatic.com/firebasejs/9.6.0/ 		748 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.6.0/firebase-firestore.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74b5b35acca1bdd37e99a04a4f72c825dae8b7b4be065a954e579f6cbda07e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190256
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 22:45:26 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 May 2025 15:11:04 GMT
main.css
appointment-4.easymoney.university/css/ 		83 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/css/main.css
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a5288de9390e9035586fcc1a84491a94900d4f22aae36574894a368402a7939b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::8bpwx-1716131647312-4252034faf08
age
0
etag
W/"455f3922bc6358960c52117cfb2872b0"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="main.css"
proof.js
appointment-4.easymoney.university/js/ 		486 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/js/proof.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e6afd4fed5a209864850fefa27bec3d60763f20da608ad46b0c48ee095939d61
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::bd4wm-1716131647665-cca56263842b
age
0
etag
W/"1ccdf8ad8e2ec3cafa6434e5d77c3569"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="proof.js"
10046555-10047243.js
appointment-4.easymoney.university/js/ 		213 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/js/10046555-10047243.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8ce2e84d8aa5dc77df08c5271fe191296f2a4bc2a5f70a123187b15c2899a527
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::jk8sg-1716131647312-d35c9f8a307e
age
0
etag
W/"b25bc9633c8f6b9f8fd85e1f7b31fd30"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="10046555-10047243.js"
logo.png
appointment-4.easymoney.university/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://appointment-4.easymoney.university/images/logo.png
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8bafaf07665d398a466f3b7342c77ef57c6dcdbed05518af60deea9f11d3b595
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::zffjj-1716131647343-5a08661d3d35
age
0
etag
"4c211fbe45a0432afa2020e63d9eb0a9"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="logo.png"
accept-ranges
bytes
content-length
11789
getTrackingCode
wg216.infusionsoft.app/app/webTracking/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wg216.infusionsoft.app/app/webTracking/getTrackingCode
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da637dbf3093a2b6c83aac24c1abdfe49f88231c16cf43c8b3345603c3ae1667
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 19 May 2024 15:14:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
via
1.1 google
vary
accept-encoding
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, no-store
cf-ray
886508ee98389bee-FRA
x-xss-protection
1; mode=block
expires
Sun, 19 May 2024 15:14:07 GMT
main.js
appointment-4.easymoney.university/js/ 		217 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/js/main.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
7e31276ecfb52757e57a50e081d8c52996c6ced52fd12930aba44cab63e53c87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Origin
https://appointment-4.easymoney.university
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::9zg2q-1716131647312-375306eeaf34
age
0
etag
W/"d8e1c547cb73d48c4a84724b2f354f39"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="main.js"
form-handler.js
appointment-4.easymoney.university/js/ 		23 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/js/form-handler.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3dc55e9f470855699d137359118ca0972c76f10b17bc8c5e8517aabae3e95d3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Origin
https://appointment-4.easymoney.university
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::75sg8-1716131647313-c31749f9d8c6
age
0
etag
"1a9ecc7366211970f2068eff037ee84d"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="form-handler.js"
accept-ranges
bytes
content-length
23
wr-1c31075838609bee0fee01e53afbee12.js
appointment-4.easymoney.university/js/ 		421 B
564 B 		Script
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/js/wr-1c31075838609bee0fee01e53afbee12.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4f8cfe025cb03c6331c634495fa41a4212dbf6bfb5c9f0ebd477e55763054093
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::8bpwx-1716131647665-21b686535343
age
0
etag
"4027f0121ad84856a8bd3628d340637a"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="wr-1c31075838609bee0fee01e53afbee12.js"
accept-ranges
bytes
content-length
421
firebase.js
www.gstatic.com/firebasejs/7.13.1/ 		829 KB
239 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.13.1/firebase.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
303744ae0aa915d32d38f2129ef56b6020eace38b8a0a762649afb74e58043a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 19:33:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244975
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 23:06:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 May 2025 19:33:47 GMT
init.js
www.gstatic.com/firebasejs/firebase/ 		0
0
firebase-app.js
www.gstatic.com/firebasejs/7.13.1/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.13.1/firebase-app.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a763cce5aab1fcc80de8437a79eb495e5f0587375e0da4bbb45ae045f5cabf7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 02:18:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
478552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6595
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 23:06:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 May 2025 02:18:15 GMT
firebase-analytics.js
www.gstatic.com/firebasejs/7.13.1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.13.1/firebase-analytics.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d111ac6b1f2009b66bbf360f01d5c313d01ea60534f933b5ff2d6b61c35ca21f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 00:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8533
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 23:06:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 May 2025 00:43:59 GMT
firebase-auth.js
www.gstatic.com/firebasejs/7.13.1/ 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.13.1/firebase-auth.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce3d14f19a99ef80b53d9008c311c2fbd52bc77a47ea616a3a637bbf6ca89c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 05:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55346
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 23:06:15 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 May 2025 05:26:59 GMT
firebase-firestore.js
www.gstatic.com/firebasejs/7.13.1/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.13.1/firebase-firestore.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a7d5bde69d555a36cc2e66135d64442a3ec856c1c9df86d34cd5fa584576ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 07:35:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90176
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 23:06:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 May 2025 07:35:19 GMT
tnp_js_modal.css
cdn.invitereferrals.com/css/widget/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.invitereferrals.com/css/widget/tnp_js_modal.css
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/js/invite-referrals-1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-20.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
58883c1f8ab1c5177718e3a0508b29ec7fcb8770e5f56a0edae4c926bbcaa66d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront), 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
date
Sun, 19 May 2024 13:30:16 GMT
x-amz-cf-pop
FRA56-P6, PRG50-C1
age
6343
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 26 Oct 2021 09:16:18 GMT
server
nginx
etag
W/"6177c762-cf9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
x-amz-cf-id
BVFrSgouqLzCMiO75UlS90WzQeY10Lv6dmcPwNquXPiCkX11Q73fFg==
expires
Sun, 19 May 2024 17:28:24 GMT
gtm.js
www.googletagmanager.com/ 		329 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TFJWWZ5
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d93a02f121b4892260c31a03d2ea6bc63b4c82cadd7ebb3d7c179577188b81e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103731
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 May 2024 15:14:07 GMT
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
invite-referrals-1.0.js
cdn.invitereferrals.com/js/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.invitereferrals.com/js/invite-referrals-1.0.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-20.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
2515e5fdb3d5f9735a581c54987fbc77cae991cac23fd33dccfebd96ef254c0d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront), 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
date
Sun, 19 May 2024 13:04:42 GMT
x-amz-cf-pop
FRA56-P6, PRG50-C1
age
8126
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 28 Dec 2023 05:04:12 GMT
server
nginx
etag
W/"658d01cc-87ef"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-id
0m5kEpZ-uHtCPItkY8hCi-vBCTF5eWexzRkX-1Cd2ixpum3j9F7qlg==
expires
Sun, 19 May 2024 16:58:41 GMT
SalvoSans-Light.woff2
appointment-4.easymoney.university/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/fonts/SalvoSans-Light.woff2
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ca7650e7accfcb194a9469d12a4c605f90e1cc2da92e0da7d06dbc499f1d0088
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/css/main.css
Origin
https://appointment-4.easymoney.university
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::jk8sg-1716131647713-2ed03e045831
age
0
etag
"1c5bb0c3683d0628f075883f841b9e32"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="SalvoSans-Light.woff2"
accept-ranges
bytes
content-length
18612
FuturaLT-CondensedExtraBold.woff2
appointment-4.easymoney.university/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/fonts/FuturaLT-CondensedExtraBold.woff2
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
701c032f55cf15a19ce1717fedef3e650f4543befae30a66db90126c4c628d24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/css/main.css
Origin
https://appointment-4.easymoney.university
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::ds6pc-1716131647764-9a2536c2ef30
age
0
etag
"383d5474957a6c741a73b76a669e9eec"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="FuturaLT-CondensedExtraBold.woff2"
accept-ranges
bytes
content-length
9628
qg-trailer-preview-1.mp4
appointment-4.easymoney.university/media/ 		4 MB
4 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/media/qg-trailer-preview-1.mp4
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
76c5e19f89d51fc05082067e0fd9defd65752e956f3964f34de5fb332db9fe43
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://appointment-4.easymoney.university/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:08 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::ttwcj-1716131647713-894a3188b8dc
age
0
etag
"8fa7b30ad589ae22abb67887651f6d23"
x-vercel-cache
HIT
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-4342447/4342448
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="qg-trailer-preview-1.mp4"
accept-ranges
bytes
Content-Length
4342448
js
www.googletagmanager.com/gtag/ 		342 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QMG3LJL3FD&l=dataLayer&cx=c
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/js/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bdcbbb6e1e84a38978f5691266c5b8ea945419991ea1cc71c0fdf4b894509620
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108267
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 May 2024 15:14:07 GMT
loader.js
www.gstatic.com/wcm/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/js/gtm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 14:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2133
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 23:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 19 May 2024 15:48:15 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 19 May 2024 15:14:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
8O9ERyaWxeUnSIoWhHlasMCubiISfDqk2pZPg5gWN34x0vWHzQtDm3hfWIV5dnl7GF+B9m2mSl5KL3biMrHPiA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/js/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 19 May 2024 14:23:20 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3047
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 19 May 2024 16:23:20 GMT
settings
www.ref-r.com/campaign/t1/ 		474 B
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ref-r.com/campaign/t1/settings?bid_e=E52F2622D498B08A1B1D44E92F302947&bid=47903&sso_key=&rt=&t=420&userParams=%7B%22fname%22%3A%22%22%7D&screenWidth=1600&screenHeight=1200&pageUrl=https%3A%2F%2Fappointment-4.easymoney.university%2F&integration=js&js_callback=json1
Requested by
Host: cdn.invitereferrals.com
URL: https://cdn.invitereferrals.com/js/invite-referrals-1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.66.164.63 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-66-164-63.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
96cc37839892792e51854b3904b065214ebfbadc1c303871049a050f1456e3d9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:08 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
call-tracking_9.js
www.gstatic.com/call-tracking/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/call-tracking/call-tracking_9.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 17:40:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
77600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20777
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 22:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
vary
Accept-Encoding
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 May 2025 17:40:47 GMT
widget.js
widget.wickedreports.com/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.wickedreports.com/widget.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/js/wr-1c31075838609bee0fee01e53afbee12.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-75.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97f03aa7de4112351586ed0089fbd8d2c1b14f3031346b70c130d07b488b0e8b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 23:46:16 GMT
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
last-modified
Tue, 30 Apr 2024 12:14:14 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
55671
x-amz-server-side-encryption
AES256
etag
"a573e0323f255d4ff82173d608f94309"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
25893
x-amz-cf-id
ieIZ_EchzuUVi1UNsyqBGCxKKOaVMTqKAcLeN2b7Lt7MSCmeJC3KjQ==
wcm
www.googleadservices.com/pagead/conversion/863392153/ 		81 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/863392153/wcm?cc=ZZ&dn=1300858250&cl=_EqvCKj66aoBEJmj2ZsD&ct_eid=2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/call-tracking/call-tracking_9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
d22d4f2250deeb2d80f1587d7d81d85e17d412bbcd98315e18fd9e35dc021c3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://appointment-4.easymoney.university
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72
x-xss-protection
0
index.html
cdn.useproof.com/proxy/ Frame 4E8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proxy/index.html
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/js/proof.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://appointment-4.easymoney.university/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, no-transform, public
cf-cache-status
DYNAMIC
cf-ray
886508f0296e9956-FRA
content-length
325
content-type
text/html
date
Sun, 19 May 2024 15:14:08 GMT
etag
"f92252b1f21fd30ac52b59395971ecdb"
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6PVeJNwpamlMOnjeouN9x8zQTnfp3hUowT0q5q7jxf6UbI0AUcllCq9htqXRxofG0WAGbSd0TaNfvs2j4%2F7ZE3r4k7JIY8eiLWCk9imkp7De%2FHI78kTnPMp%2BiQj2xNnntpqevSgfdvp%2FFyBD30v8"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-amz-id-2
dnJLBCzIOyWHcI6KW6gYSKrFnz/xrkgsQy2TbJ+DLRVdiKFWxRk0ujOz8KGro8vsiwKjxg0PNA0=
x-amz-request-id
BYZ7PXZ7FW1DDJTE
x-amz-version-id
6OysE9MvUGgGn.qn_BXpeYijOLHR8713
collect
www.google-analytics.com/j/ 		15 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=530323948&t=pageview&_s=1&dl=https%3A%2F%2Fappointment-4.easymoney.university%2F&ul=de-de&de=UTF-8&dt=Quantum%20Growth%E2%84%A2%20By%20Easymoney%20University&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAI~&jid=1633037945&gjid=1812182103&cid=1965916747.1716131648&tid=UA-51795207-1&_gid=481939786.1716131648&_slc=1&gtm=45He4270n81TFJWWZ5v76665445za200&gcd=13l3l3l3l1&dma=0&z=226510116
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1525cff0bcb6e3b5d91a565a02ff8240ee50d7f5b545ff44532d768cbf720d77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 May 2024 15:14:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://appointment-4.easymoney.university
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-51795207-1&cid=1965916747.1716131648&jid=1633037945&gjid=1812182103&_gid=481939786.1716131648&_u=YGBAiEABBAAAAGAAI~&z=975143790
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 19 May 2024 15:14:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://appointment-4.easymoney.university
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		346 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QMG3LJL3FD&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0906372ea7906d755eecf75411dd1ab5e3a69d95008e2b02186bc7bd9a6a67c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
110122
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 May 2024 15:14:07 GMT
1579306589005240
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1579306589005240?v=2.9.156&r=stable&domain=appointment-4.easymoney.university&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
837fb8764fd71f56e4ccb955b50e90e2535dbdb13e9e6f5b47793848877199d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 19 May 2024 15:14:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=45, rtx=0, c=64, mss=1294, tbw=63369, tp=-1, tpl=-1, uplat=167, ullat=0
pragma
public
x-fb-debug
WQVLiv+UHt1a6p9AoanX+em6ce21L3IZJpv00xzJQL8HHI16K8E8cv9RVLB5XER0+0FhrIGvhFQEyVbVi5DqxA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QMG3LJL3FD&gtm=45je45f0v885993370z876665445za200&_p=1716131647595&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1965916747.1716131648&ecid=1558399805&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&ec_mode=a&_eu=AAAI&_s=1&sid=1716131647&sct=1&seg=0&dl=https%3A%2F%2Fappointment-4.easymoney.university%2F&dt=Quantum%20Growth%E2%84%A2%20By%20Easymoney%20University&en=page_view&_fv=1&_ss=1&tfd=843
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMG3LJL3FD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 19 May 2024 15:14:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://appointment-4.easymoney.university
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMG3LJL3FD&cid=1965916747.1716131648&gtm=45je45f0v885993370z876665445za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMG3LJL3FD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 19 May 2024 15:14:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://appointment-4.easymoney.university
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QMG3LJL3FD&cid=1965916747.1716131648&gtm=45je45f0v885993370z876665445za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1423240247
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 19 May 2024 15:14:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.php
track.wickedreports.com/ 		118 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.wickedreports.com/index.php?WickedClientID=3178&WickedEmail=&WickedTrackingDate=1716131647995&WickedURL=https%3A%2F%2Fappointment-4.easymoney.university%2F&WickedReferrerURL=&WickedNullURL=https%3A%2F%2Fappointment-4.easymoney.university%2F%3Futm_source%3DDirect%26utm_medium%3DDirect%26utm_campaign%3DDirect%26utm_content%3Dappointment-4.easymoney.university%26utm_term%3DOrganic%20traffic&WickedNullReferrerURL=
Requested by
Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.69.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-69-209.compute-1.amazonaws.com
Software
nginx / PHP/8.1.26
Resource Hash
af97ab97040d7732a1a2b5ec0f859db3c28689ee7f0226592347e0880e48d718

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 May 2024 15:14:08 GMT
server
nginx
x-powered-by
PHP/8.1.26
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
*
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51795207-1&cid=1965916747.1716131648&jid=1633037945&_u=YGBAiEABBAAAAGAAI~&z=519806866
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 19 May 2024 15:14:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51795207-1&cid=1965916747.1716131648&jid=1633037945&_u=YGBAiEABBAAAAGAAI~&z=519806866
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 19 May 2024 15:14:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pro.ip-api.com/json/ 		39 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=xdE0u3qK4coQ9a7&fields=status,countryCode
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/js/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
6c6489a7d04f10c1a0342b15616350774cb7fbe16e98341d13bde9ff539b7c51

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 19 May 2024 15:14:08 GMT
Content-Length
39
Content-Type
application/json; charset=utf-8
1367668553374989
connect.facebook.net/signals/config/ 		24 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1367668553374989?v=2.9.156&r=stable&domain=appointment-4.easymoney.university&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
f4262c314ab8d286a5acf4040a6bd21e7d7d98cdb9dc1a5799b011b8ba68530c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 19 May 2024 15:14:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=4314, tp=9, tpl=0, uplat=168, ullat=0
pragma
public
x-fb-debug
bDZCpzrjUHjaWXJnau14ulQYBzsRC9fWA0qOHBXI4kl990STXrBU0q28m0ohbcV73jzVD80NNU9cNn1h/hYjeg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1579306589005240&ev=PageView&dl=https%3A%2F%2Fappointment-4.easymoney.university%2F&rl=&if=false&ts=1716131648175&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716131648173.1018593813&cs_est=true&ler=empty&cdl=API_unavailable&it=1716131647943&coo=false&rqm=GET
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2761, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 19 May 2024 15:14:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
739799479814402
connect.facebook.net/signals/config/ 		21 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/739799479814402?v=2.9.156&r=stable&domain=appointment-4.easymoney.university&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
e202f15046d7d182ac1161f33714a58374ad19ddec9b8978f78dde008371eb1c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 19 May 2024 15:14:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=28, mss=1232, tbw=10042, tp=15, tpl=0, uplat=39, ullat=0
pragma
public
x-fb-debug
1sn8eM9WLn58669FhZFQDeMNSPg9DJRbelGlIqk7RIvCGvzk0gVs6ftbVyaoJPnq1jLzy/TMKS5d7+u5vPY6vg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1367668553374989&ev=PageView&dl=https%3A%2F%2Fappointment-4.easymoney.university%2F&rl=&if=false&ts=1716131648387&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716131648173.1018593813&cs_est=true&ler=empty&cdl=API_unavailable&it=1716131647943&coo=false&rqm=GET
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=3114, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 19 May 2024 15:14:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
231123841532052
connect.facebook.net/signals/config/ 		20 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/231123841532052?v=2.9.156&r=stable&domain=appointment-4.easymoney.university&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
d045f7af46c53a9232c68b34a0bf60f7e87bc6fe9ad71d3424f55249383edad2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 19 May 2024 15:14:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=30, mss=1232, tbw=13242, tp=19, tpl=0, uplat=37, ullat=0
pragma
public
x-fb-debug
MrLfjKGMjqiKyU4TqHDNoFdIT3x1Bk5sqtt2AUl4NCqpie3y1z/UfheKGfD0fOJEC6kSFUuXVfquGXk3VKdEcg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=739799479814402&ev=PageView&dl=https%3A%2F%2Fappointment-4.easymoney.university%2F&rl=&if=false&ts=1716131648469&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716131648173.1018593813&ler=empty&cdl=API_unavailable&it=1716131647943&coo=false&rqm=GET
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4316, tp=9, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 19 May 2024 15:14:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=231123841532052&ev=PageView&dl=https%3A%2F%2Fappointment-4.easymoney.university%2F&rl=&if=false&ts=1716131648549&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716131648173.1018593813&ler=empty&cdl=API_unavailable&it=1716131647943&coo=false&rqm=GET
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4732, tp=13, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 19 May 2024 15:14:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
websiteTriggerIframe
wg216.infusionsoft.app/app/webTracking/ Frame 571E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://wg216.infusionsoft.app/app/webTracking/websiteTriggerIframe
Requested by
Host: wg216.infusionsoft.app
URL: https://wg216.infusionsoft.app/app/webTracking/getTrackingCode
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://appointment-4.easymoney.university/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
886508f4bf6918db-FRA
content-encoding
gzip
content-language
de-DE
content-type
text/html;charset=UTF-8
date
Sun, 19 May 2024 15:14:08 GMT
expires
Sun, 19 May 2024 15:14:08 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block
utils.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.1.0/js/ 		244 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.1.0/js/utils.min.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a56fd92e67b23c9d6219ff1ab6be27ead9b9e4e091717c7d3080905186d6785e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
96126
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
45979
last-modified
Mon, 10 Apr 2023 11:04:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6433ed32-b39b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6eQPpKOVEf7%2BXJS9h1HPoCzqLTxHiuVly8uzGX5BRj6oixxR9Tdn6EXVr2dQuZNNeL2QwI39GLx9%2BcKjt6pWc%2Fp8ttz5xi34wb4Wv%2FyAnsQzKJ%2BKbFK3GKe5x%2B5F8mkY8m6hhLk2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
886508f48a43a022-FRA
expires
Fri, 09 May 2025 15:14:08 GMT
roundtrip.js
s.adroll.com/j/ 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: appointment-4.easymoney.university
URL: https://appointment-4.easymoney.university/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:fa00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be16734dd292f8bb65d676f465a1d9fd9f1277639dbbe1f385ee497cecb3dfc6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Amz-Version-Id
tAH8QfeWCC6mM_QqALBKV_kUUTJMrdJx
Content-Encoding
gzip
Via
1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
Date
Sun, 19 May 2024 14:34:15 GMT
Age
2394
X-Amz-Cf-Pop
PRG50-C1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 13 May 2024 18:54:40 GMT
Server
AmazonS3
Etag
W/"6bf130343fec9feb27ac853d74d9e708"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
OemQyOczyZkb-PPbf-SgLPZW4te4Kkh2BK9w7Hg1HoOYT9ONLrawVA==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/ZHX2BKGUNNEXDMYFVSC25O/DUXXGFEGF5B2NDSTQSAHWA/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:2127:fa00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://appointment-4.easymoney.university/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date
Sat, 18 May 2024 23:20:08 GMT
Via
1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
Age
57923
X-Amz-Cf-Pop
PRG50-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
kSfcoL0eVWcG01eW4nn3pxFxtpkwIZXQCMUpqu1gAZb76wjj83gD0w==

Redirect headers

Date
Sat, 18 May 2024 18:07:11 GMT
Via
1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
Age
76016
X-Amz-Cf-Pop
PRG50-C1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
SCXhFMhNxujnijcx2C4eWgs8YthZLa7R6kS-Xqa1z3quOG1IrETC4w==
index.js
s.adroll.com/j/pre/ZHX2BKGUNNEXDMYFVSC25O/DUXXGFEGF5B2NDSTQSAHWA/ 		0
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/ZHX2BKGUNNEXDMYFVSC25O/DUXXGFEGF5B2NDSTQSAHWA/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:fa00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Amz-Version-Id
6prLRfYpf1eSWq98lxX5U5AadhWWVxL0
Date
Sun, 19 May 2024 14:22:11 GMT
Via
1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
Age
3118
X-Amz-Cf-Pop
PRG50-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Fri, 17 May 2024 12:18:50 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
YGmxv9JSbBthZllSWPZfuHqsCz9m2st6v5K4cm6mLKJvbOiDzri_RA==
spacer.gif
wg216.infusionsoft.app/slices/
Redirect Chain
  • https://wg216.infusionsoft.app/app/webTracking/contact/1716131648008?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=appointment-4.easymoney.university&location=https://app...
  • https://wg216.infusionsoft.app/slices/spacer.gif
43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wg216.infusionsoft.app/slices/spacer.gif
Protocol
H2
Server
2606:4700:4400::6812:25e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://localhost:10239 http://local.infusiontest.com:10239 https://local.infusiontest.com:10239 https://app.intg.infusiontest.com https://app.stge.infusiontest.com https://app.infusionsoft.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://appointment-4.easymoney.university/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sun, 19 May 2024 15:14:09 GMT
content-security-policy
frame-ancestors 'self' http://localhost:10239 http://local.infusiontest.com:10239 https://local.infusiontest.com:10239 https://app.intg.infusiontest.com https://app.stge.infusiontest.com https://app.infusionsoft.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
content-encoding
gzip
age
5772849
via
1.1 google
x-xss-protection
1; mode=block
last-modified
Sat, 09 Mar 2024 17:01:06 GMT
server
cloudflare
etag
W/"43-1710003666749"
vary
accept-encoding
content-type
image/gif;charset=UTF-8
cache-control
public, max-age=25781151
cf-ray
886508f77c849bee-FRA
expires
Fri, 14 Mar 2025 00:40:00 GMT

Redirect headers

pragma
no-cache, no-cache
date
Sun, 19 May 2024 15:14:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
via
1.1 google
vary
accept-encoding
location
/slices/spacer.gif
cache-control
no-cache, no-store, no-cache, no-store
cf-ray
886508f62aad9bee-FRA
x-xss-protection
1; mode=block
expires
Sun, 19 May 2024 15:14:09 GMT, -1
ZHX2BKGUNNEXDMYFVSC25O
d.adroll.com/consent/check/ 		500 B
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/ZHX2BKGUNNEXDMYFVSC25O?pv=1173676132.1707644&arrfrr=https%3A%2F%2Fappointment-4.easymoney.university%2F&_s=114bea214263c69584a77cdac75b1fc7&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:99ec:1363:e4b8:9afa Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
eb6e74b9d7c4c6eb4f75454a67aa45006cec1a2f1d3841124d9458a828ff75ab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:09 GMT
server
nginx/1.22.1
content-length
500
content-type
application/javascript
favicon.ico
appointment-4.easymoney.university/ 		39 B
216 B 		Other
General
Check archive.org
Download Go to
Full URL
https://appointment-4.easymoney.university/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
91218093a08027e8f69c8051f9deef1fe6c22b278b3f6bdf761e7587cb272774
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 15:14:09 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::9zg2q-1716131649273-349038e8198f
content-type
text/plain; charset=utf-8
cache-control
public, max-age=0, must-revalidate
content-length
39
x-vercel-error
NOT_FOUND
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QMG3LJL3FD&gtm=45je45f0v885993370za200&_p=1716131647595&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1965916747.1716131648&ecid=1558399805&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1716131647&sct=1&seg=0&dl=https%3A%2F%2Fappointment-4.easymoney.university%2F&dt=Quantum%20Growth%E2%84%A2%20By%20Easymoney%20University&en=scroll&epn.percent_scrolled=90&_et=9&tfd=5858
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMG3LJL3FD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://appointment-4.easymoney.university/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 19 May 2024 15:14:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://appointment-4.easymoney.university
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.gstatic.com
URL
https://www.gstatic.com/firebasejs/firebase/init.js

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| find_onejs undefined| onejs_bid undefined| onejs_bid_e undefined| onejs_email undefined| onejs_name undefined| onejs_sso_key undefined| onejs_sso_rt undefined| onejs_async function| ir object| invite_referrals function| invtrfl_mainAction function| messageListener function| _ir_get_url_param function| Firebase function| $ function| jQuery object| dataLayer string| _kkajaxurl object| convert_temp object| loglyjson object| convertData object| matched function| REED_$ object| REED object| convert object| _conv_q function| getParameter boolean| utm_source boolean| utm_medium boolean| utm_campaign boolean| utm_term boolean| utm_content undefined| confirmation function| waitForFBQ function| triggerEventScripts object| firebase object| google_tag_manager object| google_tag_data function| _googWcmImpl string| _googWcmAk function| fbq function| _fbq string| adroll_adv_id string| adroll_pix_id object| previousURL string| currentURL string| GoogleAnalyticsObject function| ga function| saveLead object| wrWidgetSettings function| loadWR function| jspbGetTypeName function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl function| setImmediate function| clearImmediate object| gaplugins object| gaGlobal object| gaData string| google_wcc_status function| onYouTubeIframeAPIReady function| _wr object| intlTelInputGlobals function| intlTelInput object| MicroModal function| simplyCountdown function| _kk_email_validation_api function| _kk_phone_validation_api function| kkSetAWValues function| kkGetAWValues object| iti object| json1 boolean| __adroll_loaded object| intlTelInputUtils string| adroll_sid object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| __adroll_consent_data object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country

10 Cookies

Domain/Path Name / Value
.easymoney.university/ Name: _gcl_au
Value: 1.1.2101505521.1716131648
.easymoney.university/ Name: _gid
Value: GA1.2.481939786.1716131648
.easymoney.university/ Name: _dc_gtm_UA-51795207-1
Value: 1
.easymoney.university/ Name: _ga
Value: GA1.1.1965916747.1716131648
.easymoney.university/ Name: wickedfu_null
Value: %7B%22url%22%3A%22https%3A%2F%2Fappointment-4.easymoney.university%2F%3Futm_source%3DDirect%26utm_medium%3DDirect%26utm_campaign%3DDirect%26utm_content%3Dappointment-4.easymoney.university%26utm_term%3DOrganic%2520traffic%22%2C%22referrer%22%3A%22%22%2C%22time%22%3A1716131647995%2C%22c%22%3A3178%7D
.easymoney.university/ Name: _ga_QMG3LJL3FD
Value: GS1.1.1716131647.1.0.1716131648.59.0.1558399805
.easymoney.university/ Name: _fbp
Value: fb.1.1716131648173.1018593813
wg216.infusionsoft.app/ Name: InfusionsoftTrackingCookie
Value: 8379cc65db8542d84c0eb05670b94365
.infusionsoft.app/ Name: cf_clearance
Value: CQ_4J7gSwXa9aFNUgMKwupZ8XBnjMI5uFlpmAVQXxS8-1716131649-1.0.1.1-1I.w.b8fG9MTJlQYbmUqVkdRe0vj459K5C302oBR.aYfDXlCDg4u3pHsGWmohe8GCTGOuovakWzijMUms1RntQ
.infusionsoft.app/ Name: __cf_bm
Value: wEcuoUMLrsxAsWOCOavZtUK5D3KQw8nFx7FJRU0NoK8-1716131649-1.0.1.1-tlQuS9t5R3A_C0cyM_OC.So._jTvj6KL9x0hW3BusDpzlvcOtBeKIVood8E9UV7ynVth__jJ8q8xKXgOsz2o5waZl2iek8GB3VRbrUgNyYg

13 Console Messages

Source Level URL
Text
other warning URL: https://appointment-4.easymoney.university/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1579306589005240?v=2.9.156&r=stable&domain=appointment-4.easymoney.university&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://appointment-4.easymoney.university/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://appointment-4.easymoney.university/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://appointment-4.easymoney.university/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://appointment-4.easymoney.university/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://appointment-4.easymoney.university/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://appointment-4.easymoney.university/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://appointment-4.easymoney.university/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://appointment-4.easymoney.university/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://appointment-4.easymoney.university/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://appointment-4.easymoney.university/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://appointment-4.easymoney.university/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
appointment-4.easymoney.university
cdn.firebase.com
cdn.invitereferrals.com
cdn.useproof.com
cdnjs.cloudflare.com
connect.facebook.net
d.adroll.com
pro.ip-api.com
region1.analytics.google.com
s.adroll.com
stats.g.doubleclick.net
track.wickedreports.com
wg216.infusionsoft.app
widget.wickedreports.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.ref-r.com
www.gstatic.com
104.17.25.14
142.250.185.195
142.250.185.99
151.101.65.195
157.240.252.13
157.240.252.35
172.217.16.130
2001:4860:4802:32::36
216.58.206.68
2600:9000:2127:fa00:6:9280:1080:93a1
2606:4700:3035::6815:2f0c
2606:4700:4400::6812:25e0
2606:4700:4400::ac40:9620
2a00:1450:4001:803::200e
2a00:1450:4001:806::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a00:1450:400c:c1d::9a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:cc3:fe04:99ec:1363:e4b8:9afa
51.77.64.70
52.66.164.63
54.91.69.209
65.9.95.20
65.9.95.75
76.76.21.61
0906372ea7906d755eecf75411dd1ab5e3a69d95008e2b02186bc7bd9a6a67c7
1525cff0bcb6e3b5d91a565a02ff8240ee50d7f5b545ff44532d768cbf720d77
2515e5fdb3d5f9735a581c54987fbc77cae991cac23fd33dccfebd96ef254c0d
303744ae0aa915d32d38f2129ef56b6020eace38b8a0a762649afb74e58043a0
3b420f497756f580773dbb836f79074631405547737b31928a2f3cd5e99322bf
3dc55e9f470855699d137359118ca0972c76f10b17bc8c5e8517aabae3e95d3c
4f8cfe025cb03c6331c634495fa41a4212dbf6bfb5c9f0ebd477e55763054093
518b731b6199f76c37019787532becd97b039fac1c702f0796cee256b95755f2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
58883c1f8ab1c5177718e3a0508b29ec7fcb8770e5f56a0edae4c926bbcaa66d
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
6a7d5bde69d555a36cc2e66135d64442a3ec856c1c9df86d34cd5fa584576ac4
6c6489a7d04f10c1a0342b15616350774cb7fbe16e98341d13bde9ff539b7c51
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
701c032f55cf15a19ce1717fedef3e650f4543befae30a66db90126c4c628d24
74b5b35acca1bdd37e99a04a4f72c825dae8b7b4be065a954e579f6cbda07e9c
76c5e19f89d51fc05082067e0fd9defd65752e956f3964f34de5fb332db9fe43
7e31276ecfb52757e57a50e081d8c52996c6ced52fd12930aba44cab63e53c87
837fb8764fd71f56e4ccb955b50e90e2535dbdb13e9e6f5b47793848877199d6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bafaf07665d398a466f3b7342c77ef57c6dcdbed05518af60deea9f11d3b595
8bfee8581a3b0759d02bf1019dd9a0abf9b0213b70675024de2c455cd4f8bfc3
8ce2e84d8aa5dc77df08c5271fe191296f2a4bc2a5f70a123187b15c2899a527
91218093a08027e8f69c8051f9deef1fe6c22b278b3f6bdf761e7587cb272774
96cc37839892792e51854b3904b065214ebfbadc1c303871049a050f1456e3d9
96deccf3b51c408b123f6724f0d870e7513c439c13f0bb7c7ba8d6fe53d75d58
97f03aa7de4112351586ed0089fbd8d2c1b14f3031346b70c130d07b488b0e8b
a5288de9390e9035586fcc1a84491a94900d4f22aae36574894a368402a7939b
a56fd92e67b23c9d6219ff1ab6be27ead9b9e4e091717c7d3080905186d6785e
a763cce5aab1fcc80de8437a79eb495e5f0587375e0da4bbb45ae045f5cabf7c
af97ab97040d7732a1a2b5ec0f859db3c28689ee7f0226592347e0880e48d718
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bdcbbb6e1e84a38978f5691266c5b8ea945419991ea1cc71c0fdf4b894509620
be16734dd292f8bb65d676f465a1d9fd9f1277639dbbe1f385ee497cecb3dfc6
ca7650e7accfcb194a9469d12a4c605f90e1cc2da92e0da7d06dbc499f1d0088
ce3d14f19a99ef80b53d9008c311c2fbd52bc77a47ea616a3a637bbf6ca89c93
d045f7af46c53a9232c68b34a0bf60f7e87bc6fe9ad71d3424f55249383edad2
d111ac6b1f2009b66bbf360f01d5c313d01ea60534f933b5ff2d6b61c35ca21f
d22d4f2250deeb2d80f1587d7d81d85e17d412bbcd98315e18fd9e35dc021c3b
d2eee287f403b8acc340f7e6e6f3ac8a27cb8e73b52ad7d5d13dcb87da133205
d93a02f121b4892260c31a03d2ea6bc63b4c82cadd7ebb3d7c179577188b81e1
da637dbf3093a2b6c83aac24c1abdfe49f88231c16cf43c8b3345603c3ae1667
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e202f15046d7d182ac1161f33714a58374ad19ddec9b8978f78dde008371eb1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6afd4fed5a209864850fefa27bec3d60763f20da608ad46b0c48ee095939d61
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
eb6e74b9d7c4c6eb4f75454a67aa45006cec1a2f1d3841124d9458a828ff75ab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4262c314ab8d286a5acf4040a6bd21e7d7d98cdb9dc1a5799b011b8ba68530c
fb98387940ae14afcfe6310255c5887dd866f7677172bddc7a7aa74aa485266f