qav2.petersons.com Open in urlscan Pro
184.72.253.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://test-embedded-api.petersonssurveys.com/
Effective URL:
https://qav2.petersons.com/
Submission: On October 21 via api (October 21st 2022, 12:17:45 pm UTC) from US — Scanned from US

Summary HTTP 60 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 12 domains to perform 60 HTTP transactions. The main IP is 184.72.253.96, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is qav2.petersons.com.
TLS certificate: Issued by Amazon on July 18th 2022. Valid for: a year.

This is the only time qav2.petersons.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.206.186.158 52.206.186.158	14618 (AMAZON-AES) (AMAZON-AES)
32	184.72.253.96 184.72.253.96	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:200... 2600:9000:2009:d000:4:d54d:1f40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.85.151.61 52.85.151.61	16509 (AMAZON-02) (AMAZON-02)
1	54.197.20.93 54.197.20.93	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
1	99.84.191.41 99.84.191.41	16509 (AMAZON-02) (AMAZON-02)
2	99.84.191.45 99.84.191.45	16509 (AMAZON-02) (AMAZON-02)
1	13.32.208.120 13.32.208.120	16509 (AMAZON-02) (AMAZON-02)
1	51.222.11.30 51.222.11.30	16276 (OVH) (OVH)
2	2620:1ec:40::40 2620:1ec:40::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.229.245.170 54.229.245.170	16509 (AMAZON-02) (AMAZON-02)
1	13.32.208.2 13.32.208.2	16509 (AMAZON-02) (AMAZON-02)
1	54.246.176.35 54.246.176.35	16509 (AMAZON-02) (AMAZON-02)
1	99.84.191.109 99.84.191.109	16509 (AMAZON-02) (AMAZON-02)
1	35.171.123.11 35.171.123.11	14618 (AMAZON-AES) (AMAZON-AES)
3	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.81.91 20.110.81.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	138.199.40.58 138.199.40.58	60068 (CDN77 ^_^) (CDN77 ^_^)
1	52.85.151.8 52.85.151.8	16509 (AMAZON-02) (AMAZON-02)
60	22

1 52.206.186.158 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-186-158.compute-1.amazonaws.com

test-embedded-api.petersonssurveys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 184.72.253.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-253-96.compute-1.amazonaws.com

qav2.petersons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2009:d000:4:d54d:1f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

dist.petersons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.151.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-61.iad89.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.20.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-20-93.compute-1.amazonaws.com

sentry-2.petersons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-41.iad89.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.191.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-45.iad89.r.cloudfront.net

www.youvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.208.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-120.iad66.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.11.30 (Canada)

ASN16276 (OVH, FR)
PTR: ns5004195.ip-51-222-11.net

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:40::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.245.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-245-170.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.208.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-2.iad66.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.176.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-176-35.eu-west-1.compute.amazonaws.com

ws7.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-109.iad89.r.cloudfront.net

trck.youvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.123.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-123-11.compute-1.amazonaws.com

sp.youvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.81.91 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.199.40.58 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-40-58.datapacket.com

a.opmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.151.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-8.iad89.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	petersons.com qav2.petersons.com dist.petersons.com — Cisco Umbrella Rank: 625815 sentry-2.petersons.com — Cisco Umbrella Rank: 751294	1 MB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 565 b.clarity.ms — Cisco Umbrella Rank: 5269 c.clarity.ms — Cisco Umbrella Rank: 1062	26 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 789 vars.hotjar.com — Cisco Umbrella Rank: 916 in.hotjar.com — Cisco Umbrella Rank: 1656 ws7.hotjar.com — Cisco Umbrella Rank: 59669	70 KB
4	youvisit.com www.youvisit.com — Cisco Umbrella Rank: 16518 trck.youvisit.com — Cisco Umbrella Rank: 17714 sp.youvisit.com — Cisco Umbrella Rank: 17785	171 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 379 c.bing.com — Cisco Umbrella Rank: 236	14 KB
2	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 4628 api.omappapi.com — Cisco Umbrella Rank: 4818	4 KB
1	opmnstr.com a.opmnstr.com — Cisco Umbrella Rank: 18687	41 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2195	258 B
1	servedbyadbutler.com servedbyadbutler.com — Cisco Umbrella Rank: 15346	13 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	44 KB
1	petersonssurveys.com 1 redirects test-embedded-api.petersonssurveys.com	204 B
60	12

	Domain	Requested by
32	qav2.petersons.com	qav2.petersons.com
3	b.clarity.ms	qav2.petersons.com
3	bat.bing.com	qav2.petersons.com bat.bing.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.youvisit.com	www.googletagmanager.com www.youvisit.com
2	dist.petersons.com	qav2.petersons.com
1	api.omappapi.com	qav2.petersons.com
1	a.omappapi.com	a.opmnstr.com
1	a.opmnstr.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	sp.youvisit.com	qav2.petersons.com
1	trck.youvisit.com	qav2.petersons.com
1	ws7.hotjar.com	qav2.petersons.com
1	vc.hotjar.io	qav2.petersons.com
1	in.hotjar.com	qav2.petersons.com
1	servedbyadbutler.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.google-analytics.com	qav2.petersons.com
1	sentry-2.petersons.com	qav2.petersons.com
1	static.hotjar.com	qav2.petersons.com
1	www.googletagmanager.com	qav2.petersons.com
1	test-embedded-api.petersonssurveys.com	1 redirects
60	24

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.microsoft.com
www.mozilla.org
apps.apple.com
play.google.com
twitter.com
www.facebook.com
www.youtube.com
support.petersons.com

Subject Issuer	Validity	Valid
petersons.com Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.youvisit.com Amazon	`2022-06-24` - `2023-07-23`	a year	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-18` - `2023-01-11`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
trck.youvisit.com Amazon	`2022-06-09` - `2023-07-08`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
a.opmnstr.com R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
a.omappapi.com R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
api.opmnstr.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://qav2.petersons.com/
Frame ID: 0EF98C56953EC9359201661FAC7149D4
Requests: 62 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
Frame ID: 23E4358EBAB8AB66C57C0EDB9032DF88
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Test Prep | College Finder | Scholarship Search

Page URL History Show full URLs

http://test-embedded-api.petersonssurveys.com/ HTTP 302
https://qav2.petersons.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

98 %
HTTPS

23 %
IPv6

12
Domains

24
Subdomains

22
IPs

3
Countries

1756 kB
Transfer

3925 kB
Size

31
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/chrome
Title: Chrome

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge
Title: Edge

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/new/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/petersons-test-prep/id1547771930

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.petersons.testprep

Search URL Search Domain Scan URL

URL: https://twitter.com/Petersons

Search URL Search Domain Scan URL

URL: https://www.facebook.com/petersons?ref=bookmarks

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7nEhBBUJjeArRQUIQc8Dkg

Search URL Search Domain Scan URL

URL: https://support.petersons.com/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://test-embedded-api.petersonssurveys.com/ HTTP 302
https://qav2.petersons.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=59F1CCE042CE460D913C44718BA35C78&RedC=c.clarity.ms&MXFR=028FA96B9744692A0E09BB2F93446727 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=59F1CCE042CE460D913C44718BA35C78&MUID=1203AF6EAB48650B3A01BD2AAA61644B

60 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
qav2.petersons.com/
Redirect Chain

http://test-embedded-api.petersonssurveys.com/
https://qav2.petersons.com/

19 KB
12 KB

403ms
311ms

Document
text/html

184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://qav2.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-72-253-96.compute-1.amazonaws.com

Software

nginx/1.23.2 / PHP/8.1.11

Resource Hash

eecfc8edacd70e4e53f10d787886827b3406c6d750ba7544033294ca94832ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 21 Oct 2022 12:17:33 GMT
server: nginx/1.23.2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.11
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 110
Content-Type: text/html
Date: Fri, 21 Oct 2022 12:17:32 GMT
Location: https://qav2.petersons.com:443/
Server: awselb/2.0

GET
H2 200 main.css
qav2.petersons.com/new/css/ 44 KB
7 KB 15ms
13ms Stylesheet
text/css 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/new/css/main.css?id=972d7e2158c992c0581c4e891437eb4a
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 2fb865529187bc55ffd4e6b4a28cbd61710453eba6a47c216207b254bc3dad33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: W/"63515332-b0aa"
content-type: text/css
cache-control: max-age=2592000, public
expires: Sun, 20 Nov 2022 12:17:33 GMT

GET
H2 200 app.js Show response
qav2.petersons.com/new/ 281 KB
91 KB 17ms
16ms Script
application/javascript 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: e0f1cfc3412ba914ba232831dfbb6001cf27031b4da0bc6520d31875f2e252ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: W/"63515332-46394"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
expires: Sun, 20 Nov 2022 12:17:33 GMT

GET
H2 200 jquery-old.js Show response
qav2.petersons.com/js/ 171 KB
52 KB 75ms
22ms Script
application/javascript 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/js/jquery-old.js?id=c92ccab9e1322ad35536c612f3dc4bdd
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: d18bbdb17a8e6f18dbca87bad4b73182e70351fa65290ad9cd14beb1f8a4a5b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 13:55:07 GMT
server: nginx/1.23.2
etag: W/"6351533b-2ac12"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
expires: Sun, 20 Nov 2022 12:17:33 GMT

GET
H2 200 smartbanner.min.js Show response
dist.petersons.com/js/ 13 KB
4 KB 197ms
12ms Script
application/javascript 2600:9000:2009:d000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/js/smartbanner.min.js
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2009:d000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 682a17f0b5673976fc1af4c8c54b0941bb4b8f7c46745f56a33f8cc7ada4a2cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 21:10:32 GMT
content-encoding: gzip
via: 1.1 5a45573ebecfd555d93af04bbbcf0556.cloudfront.net (CloudFront)
last-modified: Wed, 29 Sep 2021 13:38:39 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
age: 54422
etag: W/"aa5aa71f62c948ebfc0ebff1675a1c36"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 7UX0ZIuw0oPkAaYsa9HLcKTUjpO8TIAl7fDdsCe0JEmDsn_tNgTOhQ==

GET
H2 200 smartbanner.min.css
dist.petersons.com/css/ 3 KB
1 KB 193ms
11ms Stylesheet
text/css 2600:9000:2009:d000:4:d54d:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dist.petersons.com/css/smartbanner.min.css
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2009:d000:4:d54d:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 111d5349381a9e8f6e2fb551a06de98feb7b7957ba1eff38443f9e696519683b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 05:56:25 GMT
content-encoding: gzip
via: 1.1 5a45573ebecfd555d93af04bbbcf0556.cloudfront.net (CloudFront)
last-modified: Wed, 29 Sep 2021 13:39:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
age: 22869
etag: W/"3eef0e2bb5662f5d01c4d4d2cca64768"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: Ne7DqYdyqI8LH723XfJKDoli8ldzMTNknPSn_f4qAo2Fc_1M478hZQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
44 KB 198ms
46ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TCSNTCJ

Requested by

Host: qav2.petersons.com
URL: https://qav2.petersons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b099801f9b531ea95d19a6753e36235483a393571c2e4f1619ac9b4adbcb637b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:17:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44399
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Oct 2022 12:17:33 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 182ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: qav2.petersons.com
URL: https://qav2.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 21 Oct 2022 12:17:33 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 390FD1B45D41478384D0077568B5F180 Ref B: EWR30EDGE0107 Ref C: 2022-10-21T12:17:33Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 hotjar-2567602.js Show response
static.hotjar.com/c/ 4 KB
2 KB 264ms
113ms Script
application/javascript 52.85.151.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2567602.js?sv=6

Requested by

Host: qav2.petersons.com
URL: https://qav2.petersons.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.151.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-151-61.iad89.r.cloudfront.net

Software

Resource Hash

27191bc53c353c2b11395dfa1160fdd270e6858a5225b7d64b3080c1876457ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 97971aa6c140e2dfc8adaee6c929eedc.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C3
etag: W/b30701ca7386d997dd8a49886a1ec5c8
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 3-SOnBAOF1hmyWl4PxCrgICuqBaQBCoWKqFPd8pxqCJ3vei4Jz2zNA==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9f56f717f81ea8b0e4774824cf735baae3c7e3dbef8dd96a4988a47b9d8ee76

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4f7cd0b793292ba2febff0cf7a179faab8c648894d369d48e44fa9f2b6d1065

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba16cb593c14b96da93c4559cc30d09dfdf6d9489f00ff17e239d155d2b94b6d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 NunitoSans-Regular.woff2
qav2.petersons.com/new/fonts/NunitoSans/ 37 KB
37 KB 64ms
32ms Font
font/woff2 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/new/fonts/NunitoSans/NunitoSans-Regular.woff2
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/css/main.css?id=972d7e2158c992c0581c4e891437eb4a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 944c4327576aa31eb402daf00809b4718d71e85430b1cae2d5a8e9a436502a6f

Request headers

Referer: https://qav2.petersons.com/new/css/main.css?id=972d7e2158c992c0581c4e891437eb4a
Origin: https://qav2.petersons.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:33 GMT
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: "63515332-9268"
content-type: font/woff2
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 37480
expires: Sun, 20 Nov 2022 12:17:33 GMT

POST
H2 200 / Show response
sentry-2.petersons.com/api/26/envelope/ 2 B
195 B 520ms
0ms Fetch
application/json 54.197.20.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry-2.petersons.com/api/26/envelope/?sentry_key=907e48d4796149fc889a3e95f9a6b863&sentry_version=7
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.20.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-20-93.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://qav2.petersons.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://qav2.petersons.com
date: Fri, 21 Oct 2022 12:17:34 GMT
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
server: nginx
content-length: 2
vary: Origin
content-type: application/json

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 449ms
0ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Oct 2022 10:34:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6156
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 21 Oct 2022 12:34:58 GMT

GET
H2 200 678.js Show response
qav2.petersons.com/new/ 105 KB
20 KB 95ms
0ms Script
application/javascript 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/new/678.js?id=2764343e81c72e4e
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 9c10470c9e7913b1bd8dd5e79333fe6f0b6faa49a77e24c5ab920a4c05d36ea4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: W/"63515332-1a59f"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
expires: Sun, 20 Nov 2022 12:17:33 GMT

GET
H2 200 2732.js Show response
qav2.petersons.com/new/ 13 KB
5 KB 87ms
0ms Script
application/javascript 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/new/2732.js?id=3a986b78834b9836
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 5a2b8bd8ad53e426f50cfa998b4b0294241819ae19d95e45da24ae7d56bd959a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: W/"63515332-34f3"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
expires: Sun, 20 Nov 2022 12:17:33 GMT

GET
H2 200 4121.js Show response
qav2.petersons.com/new/ 152 KB
37 KB 214ms
0ms Script
application/javascript 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/new/4121.js?id=51013997e4bafd83
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: f18a81ab5007bd1023e83b8dd34464dd4dac65d7fd70da1ed5476b9a8f2a3cf0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: W/"63515332-25f4b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
expires: Sun, 20 Nov 2022 12:17:33 GMT

GET
H2 200 4062.js Show response
qav2.petersons.com/new/ 73 KB
15 KB 237ms
12ms Script
application/javascript 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/new/4062.js?id=503779e72608be4b
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: f029a154577b794a87359fc425ab2c08cf428c332bc9a2beb8e1b361d46e656b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: W/"63515332-1229d"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
expires: Sun, 20 Nov 2022 12:17:33 GMT

GET
H2 200 8504.js Show response
qav2.petersons.com/new/ 12 KB
5 KB 99ms
0ms Script
application/javascript 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/new/8504.js?id=d4630ec5bcfae8f2
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: ba9d4f10c3cf8393ef33b97964ca54cc5cada688f35bd4bffd361a2527617e1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:33 GMT
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: W/"63515332-2e5c"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
expires: Sun, 20 Nov 2022 12:17:33 GMT

GET
H2 200 56334870.js Show response
bat.bing.com/p/action/ 3 KB
2 KB 306ms
41ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56334870.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

628cd30897e87704e30f139d67eda19ac989047d0466162d7739a9fc481ec568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 21 Oct 2022 12:17:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E1F68E841CFB4BEC8A0B1A6EE18C2E18 Ref B: EWR30EDGE0107 Ref C: 2022-10-21T12:17:34Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 1423

GET
H2 204 0
bat.bing.com/action/ 0
176 B 259ms
0ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56334870&Ver=2&mid=dee9cde8-81bf-42a1-95a2-658d7bbb70cc&sid=57b84a40513a11eda534018c5fd34566&vid=57c305d0513a11edb90b1b04594fd2ae&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Test%20Prep%20%7C%20College%20Finder%20%7C%20Scholarship%20Search&p=https%3A%2F%2Fqav2.petersons.com%2F&r=&lt=1170&evt=pageLoad&sv=1&rn=981658

Requested by

Host: qav2.petersons.com
URL: https://qav2.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Oct 2022 12:17:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6EF0ACB9AB654D2997E224374E2EA071 Ref B: EWR30EDGE0107 Ref C: 2022-10-21T12:17:34Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.5f63ca60a03298133ad8.js Show response
script.hotjar.com/ 254 KB
65 KB 413ms
0ms Script
application/javascript 99.84.191.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5f63ca60a03298133ad8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2567602.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-41.iad89.r.cloudfront.net

Software

Resource Hash

f433122da8de4f7e86aaa0422f1a1a782729938a6cf58632a1f591178b5b91f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 12:18:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6c2e384f59feb64a0c739aee7f890066.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 259167
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66045
last-modified: Tue, 18 Oct 2022 12:17:20 GMT
etag: "eb4f228026ced3bcaadde65163571860"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: exGAZdk2rb9zlDVKf4dh0iQP8F5uWt8PJJ1p3vYP77mk8nDpcEbUIw==

GET
H2 200 js2 Show response
www.youvisit.com/tour/Embed/ 14 KB
6 KB 468ms
30ms Script
application/javascript 99.84.191.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youvisit.com/tour/Embed/js2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCSNTCJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-45.iad89.r.cloudfront.net

Software

Resource Hash

f5fa6c6409a751031b33185f744a7c8545cd77927f380958973b838f889210b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:17:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
user-cache-control: max-age=1800
content-encoding: gzip
x-amz-cf-pop: IAD89-C2
via: 1.1 4f9e9e3e8a2a5cea2848aac8473267f2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 5162
pragma: cache
referrer-policy: strict-origin-when-cross-origin
server
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: iJxCxUoyh3xChD2Ycj_YZyvl4LNVdX1bX0W5z5Pd3fyYdW-Horg3Cg==
expires: Fri, 21 Oct 2022 12:47:34

GET
H2 200 box-c1417f7b48595d0dbca01c86f95d6dbb.html Show response
vars.hotjar.com/ Frame 23E4 2 KB
1 KB 373ms
0ms Document
text/html 13.32.208.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2567602.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.208.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-208-120.iad66.r.cloudfront.net

Software

Resource Hash

c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://qav2.petersons.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 270328
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 09:12:06 GMT
etag: "d2c298a660a1ee92f094a3d504e3e2e6"
last-modified: Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 0c9c133650294ca2485db2f5e74b2d10.cloudfront.net (CloudFront)
x-amz-cf-id: q4xZyxZ4ArAOYYPTm7DUwFDIDZJKI3nVsuFaxxrkZvfhOouodb841A==
x-amz-cf-pop: IAD66-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 is-logged Show response
qav2.petersons.com/ 56 B
957 B 340ms
139ms XHR
application/json 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://qav2.petersons.com/is-logged

Requested by

Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-72-253-96.compute-1.amazonaws.com

Software

nginx/1.23.2 / PHP/8.1.11

Resource Hash

bceca204ef507572fc0db3b666b8288784372735b20b072ac387e052ff59d9c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://qav2.petersons.com/
X-XSRF-TOKEN: eyJpdiI6IldGNE03NHZnK1N5QkJRL2U5bHU5ekE9PSIsInZhbHVlIjoiVlJQTWxpRFFFOVV6T00rVUdzUGVuYzF3eDV5NlZ5QUJ2L3Bic3ZRMnFQbkZjSWlGRXczWkRHeFBCblJod3RLa0FEdWx2S0hENHl3UTFWMjFSVVg5ZTdvRGwvUTcwOHJ4MWs5aTJBbEphbzdzUUxtMEl1RGl4UmJFb0d0WjZRa0YiLCJtYWMiOiJkYThkN2E1YTRhMDI1NDAzNGM4YzIwZTBiMmE5M2Y4M2IwNDI0YzRhNjJiNzlhNGI1NDhmYjgxNmFhNDRjNzY0IiwidGFnIjoiIn0=
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:17:34 GMT
x-content-type-options: nosniff
server: nginx/1.23.2
x-powered-by: PHP/8.1.11
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 icons.svg
qav2.petersons.com/icons/ 21 KB
22 KB 168ms
0ms Other
image/svg+xml 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/icons/icons.svg
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 6ad8c185449c0991d6356002d130cb58dea749e2de52cf4a33dbce8d88182b75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:34 GMT
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: "63515332-55b6"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 21942
expires: Sun, 20 Nov 2022 12:17:34 GMT

GET
H2 200 logo-pcom-compact.svg
qav2.petersons.com/new/images/ 449 B
686 B 282ms
100ms Image
image/svg+xml 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qav2.petersons.com/new/images/logo-pcom-compact.svg
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 6fb2d6bc4a76e42b9631143801e247ee43dad31fccbdec03c6bb200263ae65b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:34 GMT
last-modified: Thu, 20 Oct 2022 13:55:13 GMT
server: nginx/1.23.2
etag: "63515341-1c1"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 449
expires: Sun, 20 Nov 2022 12:17:34 GMT

GET
H2 200 logo-pcom.svg
qav2.petersons.com/new/images/ 4 KB
4 KB 280ms
99ms Image
image/svg+xml 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qav2.petersons.com/new/images/logo-pcom.svg
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 442ce48e42f75348562fd8f795d5953007d5904d1368e804c07a10d14912a689

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:34 GMT
last-modified: Thu, 20 Oct 2022 13:55:13 GMT
server: nginx/1.23.2
etag: "63515341-f2f"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3887
expires: Sun, 20 Nov 2022 12:17:34 GMT

GET
H2 200 Roboto-Medium.woff2
qav2.petersons.com/new/fonts/Roboto/ 65 KB
65 KB 176ms
0ms Font
font/woff2 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/new/fonts/Roboto/Roboto-Medium.woff2
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/css/main.css?id=972d7e2158c992c0581c4e891437eb4a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 2571d35a7c5f55783fcc3445e285fd22a2f01c48acc93b98b9860547e43b6942

Request headers

Referer: https://qav2.petersons.com/new/css/main.css?id=972d7e2158c992c0581c4e891437eb4a
Origin: https://qav2.petersons.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:34 GMT
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: "63515332-10494"
content-type: font/woff2
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 66708
expires: Sun, 20 Nov 2022 12:17:34 GMT

GET
H2 200 Roboto-Bold.woff2
qav2.petersons.com/new/fonts/Roboto/ 64 KB
65 KB 190ms
11ms Font
font/woff2 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/new/fonts/Roboto/Roboto-Bold.woff2
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/css/main.css?id=972d7e2158c992c0581c4e891437eb4a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 195a79c3a4ad21e1b897dd21799f8432e4431a719b8cdc6931f92a6a7ab4c167

Request headers

Referer: https://qav2.petersons.com/new/css/main.css?id=972d7e2158c992c0581c4e891437eb4a
Origin: https://qav2.petersons.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:34 GMT
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: "63515332-101d4"
content-type: font/woff2
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 66004
expires: Sun, 20 Nov 2022 12:17:34 GMT

GET
H2 200 logo-pcom-footer.svg
qav2.petersons.com/new/images/ 4 KB
4 KB 124ms
0ms Image
image/svg+xml 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qav2.petersons.com/new/images/logo-pcom-footer.svg
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: ee9e95c7f34f5b670049c78afceebf11aef309286732411582ebe54b0904a6d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:34 GMT
last-modified: Thu, 20 Oct 2022 13:55:13 GMT
server: nginx/1.23.2
etag: "63515341-ec0"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3776
expires: Sun, 20 Nov 2022 12:17:34 GMT

GET
H2 200 Roboto-Regular.woff2
qav2.petersons.com/new/fonts/Roboto/ 64 KB
65 KB 126ms
0ms Font
font/woff2 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/new/fonts/Roboto/Roboto-Regular.woff2
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/css/main.css?id=972d7e2158c992c0581c4e891437eb4a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 56de0d03455d412c89d88c63da6037845d9d2e726e6fdc7adcd3e9aed0d2150a

Request headers

Referer: https://qav2.petersons.com/new/css/main.css?id=972d7e2158c992c0581c4e891437eb4a
Origin: https://qav2.petersons.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:34 GMT
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: "63515332-100e4"
content-type: font/woff2
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 65764
expires: Sun, 20 Nov 2022 12:17:34 GMT

GET
H2 200 4652.js Show response
qav2.petersons.com/new/ 509 B
762 B 38ms
8ms Script
application/javascript 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qav2.petersons.com/new/4652.js?id=1d4a920a140bdbbf
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 6edda1c4b8d37889b501784f6b30315629ecb1e1670e2a227f5048e0707a0fa5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:34 GMT
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: "63515332-1fd"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 509
expires: Sun, 20 Nov 2022 12:17:34 GMT

GET
H2 200 app-store.png
qav2.petersons.com/new/images/pages/home/ 1 KB
1 KB 64ms
15ms Image
image/png 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qav2.petersons.com/new/images/pages/home/app-store.png
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 31ad3bef335b8e2c9745e8a465cbfcaf0d6529d666ae57a85b4c1095622907bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:35 GMT
last-modified: Thu, 20 Oct 2022 13:55:13 GMT
server: nginx/1.23.2
etag: "63515341-42d"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1069
expires: Sun, 20 Nov 2022 12:17:35 GMT

GET
H2 200 google-play.png
qav2.petersons.com/new/images/pages/home/ 1 KB
1 KB 53ms
6ms Image
image/png 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qav2.petersons.com/new/images/pages/home/google-play.png
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: e34dec86e6201b95fcf9271af6e447b0f59ab50676dbdd4b0f12bb850d46cebb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:35 GMT
last-modified: Thu, 20 Oct 2022 13:55:13 GMT
server: nginx/1.23.2
etag: "63515341-4c0"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1216
expires: Sun, 20 Nov 2022 12:17:35 GMT

GET
H2 200 live-tutoring.png
qav2.petersons.com/new/images/pages/home/ 417 KB
418 KB 72ms
25ms Image
image/png 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qav2.petersons.com/new/images/pages/home/live-tutoring.png
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: fb4ec4f83fc52b4d20d4f5f75f0a7ef901f9d2216884cdd081e476f858e50fd4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:35 GMT
last-modified: Thu, 20 Oct 2022 13:55:14 GMT
server: nginx/1.23.2
etag: "63515342-683c6"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 426950
expires: Sun, 20 Nov 2022 12:17:35 GMT

GET
H2 200 gale-logo.svg
qav2.petersons.com/new/images/trusted-by/ 5 KB
5 KB 65ms
18ms Image
image/svg+xml 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qav2.petersons.com/new/images/trusted-by/gale-logo.svg
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 5b29973788ea86bd24620d80b9a7a896ad6fa2d5f5b00a73d22ab10600361681

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:35 GMT
last-modified: Thu, 20 Oct 2022 13:55:13 GMT
server: nginx/1.23.2
etag: "63515341-133f"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4927
expires: Sun, 20 Nov 2022 12:17:35 GMT

GET
H2 200 military-com-logo.svg
qav2.petersons.com/new/images/trusted-by/ 2 KB
2 KB 123ms
78ms Image
image/svg+xml 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qav2.petersons.com/new/images/trusted-by/military-com-logo.svg
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 77153f04a60a70c83534e99ee836c9eabb91a458455cb5ada178bc197c756aca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:35 GMT
last-modified: Thu, 20 Oct 2022 13:55:13 GMT
server: nginx/1.23.2
etag: "63515341-869"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2153
expires: Sun, 20 Nov 2022 12:17:35 GMT

GET
H2 200 kiplinger-logo.svg
qav2.petersons.com/new/images/trusted-by/ 1 KB
2 KB 136ms
91ms Image
image/svg+xml 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qav2.petersons.com/new/images/trusted-by/kiplinger-logo.svg
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: d7decfea7e19f5d2ea1c11751f349d774c73c4dda2d06ab1bd96357e482f0e3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:35 GMT
last-modified: Thu, 20 Oct 2022 13:55:13 GMT
server: nginx/1.23.2
etag: "63515341-5d2"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1490
expires: Sun, 20 Nov 2022 12:17:35 GMT

GET
H2 200 money-logo.svg
qav2.petersons.com/new/images/trusted-by/ 1 KB
2 KB 121ms
76ms Image
image/svg+xml 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qav2.petersons.com/new/images/trusted-by/money-logo.svg
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 377b65a1bb0ac033c05605e69b8f46874b2b43130d33b88457c085fcc66e8bd9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:35 GMT
last-modified: Thu, 20 Oct 2022 13:55:13 GMT
server: nginx/1.23.2
etag: "63515341-567"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1383
expires: Sun, 20 Nov 2022 12:17:35 GMT

GET
H2 200 prometric-logo.svg
qav2.petersons.com/new/images/trusted-by/ 10 KB
11 KB 119ms
75ms Image
image/svg+xml 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qav2.petersons.com/new/images/trusted-by/prometric-logo.svg
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: bfa90ec276209552504e129dcd9d3c4c25d80afd4d0a77c9cf45b3aac24b87e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:35 GMT
last-modified: Thu, 20 Oct 2022 13:55:13 GMT
server: nginx/1.23.2
etag: "63515341-29ac"
content-type: image/svg+xml
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10668
expires: Sun, 20 Nov 2022 12:17:35 GMT

GET
H2 206 flashcard.mp4
qav2.petersons.com/new/images/pages/home/ 337 KB
338 KB 20ms
19ms Media
video/mp4 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://qav2.petersons.com/new/images/pages/home/flashcard.mp4

Requested by

Host: qav2.petersons.com
URL: https://qav2.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-72-253-96.compute-1.amazonaws.com

Software

nginx/1.23.2 /

Resource Hash

9a1f9b56a2f7ccba7facbf7f412a9ddb36c02de91577df95346e2954292d6183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qav2.petersons.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 21 Oct 2022 12:17:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: "63515332-545b4"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 0-345523/345524
Content-Length: 345524
x-xss-protection: 1; mode=block

GET
H2 200 app.js Show response
servedbyadbutler.com/ 66 KB
13 KB 151ms
27ms Script
application/javascript 51.222.11.30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/app.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCSNTCJ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.222.11.30 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5004195.ip-51-222-11.net
Software: nginx /
Resource Hash: 1d61bd9d966994b87624069418dc0a1ca58905d60e93ae058b68fb7faa428749

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:17:35 GMT
content-encoding: gzip
last-modified: Fri, 09 Sep 2022 15:49:41 GMT
server: nginx
etag: W/"631b6095-10987"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Fri, 21 Oct 2022 12:47:35 GMT

GET
H2 200 56334870 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 172ms
20ms Script
application/x-javascript 2620:1ec:40::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56334870
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56334870.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: adfe01e109acf1f07eb78555269801d96f80094428e4278819e688b1bc2e49ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: application/x-javascript
date: Fri, 21 Oct 2022 12:17:35 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 04I1SYwAAAADhjAaqHqerTYaUjBy0LkabTU5aMjIxMDYwNjExMDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 hero-image.jpg
qav2.petersons.com/new/images/pages/home/ 42 KB
42 KB 126ms
0ms Image
image/jpeg 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qav2.petersons.com/new/images/pages/home/hero-image.jpg
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-253-96.compute-1.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 3b8c02394c11ae3f282c281a433dfc6e7045acd5ee0fc530a14a2f7140e1c3d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Oct 2022 12:17:36 GMT
last-modified: Thu, 20 Oct 2022 13:55:13 GMT
server: nginx/1.23.2
etag: "63515341-a715"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 42773
expires: Sun, 20 Nov 2022 12:17:36 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2567602/ 148 B
322 B 332ms
110ms XHR
application/json 54.229.245.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2567602/visit-data?sv=6
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.245.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-245-170.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a9106f8201be70decee33d6db0ed15214e640fb5760a3ee0492dcfb6ca7b8ad0

Request headers

Referer: https://qav2.petersons.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 21 Oct 2022 12:17:36 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 2567602 Show response
vc.hotjar.io/sessions/ 0
258 B 252ms
78ms XHR
text/plain 13.32.208.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2567602?s=0.25&r=0.11038532638976695
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-2.iad66.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:17:36 GMT
via: 1.1 7d1fc9eade7f4375a556b826b0b10c60.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: IAD66-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: -TWny4gadSwQ47Rd2pi6gRJaUIZKYzsgUeVC84QNlWJw4KQ409phOQ==

GET
H2 206 hero-video.mp4
qav2.petersons.com/new/images/pages/home/ 64 KB
0 74ms
9ms Media
video/mp4 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://qav2.petersons.com/new/images/pages/home/hero-video.mp4

Requested by

Host: qav2.petersons.com
URL: https://qav2.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-72-253-96.compute-1.amazonaws.com

Software

nginx/1.23.2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qav2.petersons.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 21 Oct 2022 12:17:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: "63515332-fcb11"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 0-1035024/1035025
Content-Length: 1035025
x-xss-protection: 1; mode=block

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.43/ 54 KB
23 KB 75ms
11ms Script
application/javascript 2620:1ec:40::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.43/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56334870
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:17:36 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8e493fccc944c"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 04I1SYwAAAADLdlDv2EZTR6tC1N+CdSiRTU5aMjIxMDYwNjExMDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 smartscript.js Show response
www.youvisit.com/SmartScript/latest/ 164 KB
165 KB 72ms
33ms Script
application/javascript 99.84.191.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youvisit.com/SmartScript/latest/smartscript.js?v=2022.13.5
Requested by: Host: www.youvisit.com
URL: https://www.youvisit.com/tour/Embed/js2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.191.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-191-45.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 859a27d10e46a5e3715873c0d649bf90ad615f665450d596b18b5c025c263ba7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 12:57:31 GMT
via: 1.1 4f9e9e3e8a2a5cea2848aac8473267f2.cloudfront.net (CloudFront)
last-modified: Fri, 07 Oct 2022 10:44:08 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C2
age: 84006
x-amz-server-side-encryption: AES256
etag: "54db207766c1cdd3f6ba7490d258000a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 168441
x-amz-cf-id: 38tXsobmrWbJKZwWLM_Sy_EfqskHcFEJC3VuQgoOn4t1IZwZgSaUhg==

GET
H2 206 hero-video.mp4
qav2.petersons.com/new/images/pages/home/ 19 KB
19 KB 90ms
83ms Media
video/mp4 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://qav2.petersons.com/new/images/pages/home/hero-video.mp4

Requested by

Host: qav2.petersons.com
URL: https://qav2.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-72-253-96.compute-1.amazonaws.com

Software

nginx/1.23.2 /

Resource Hash

4b863884619d29ae00e3a4222089cd2b5132605f93fada717f2834eb7c03bd25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qav2.petersons.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=1015808-

Response headers

date: Fri, 21 Oct 2022 12:17:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: "63515332-fcb11"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 1015808-1035024/1035025
Content-Length: 19217
x-xss-protection: 1; mode=block

POST
H2 200 content Show response
ws7.hotjar.com/api/v2/sites/2567602/recordings/ 66 B
258 B 1411ms
270ms XHR
application/json 54.246.176.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws7.hotjar.com/api/v2/sites/2567602/recordings/content
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.176.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-176-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8429ebb0f08ab0c58721b05518ef47fdb40ecbd245a58a7026c02e6c5c2318c9

Request headers

Referer: https://qav2.petersons.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 21 Oct 2022 12:17:37 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 page.png
trck.youvisit.com/ 92 B
92 B 130ms
6ms Image
image/jpeg 99.84.191.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trck.youvisit.com/page.png?embed=82713779313602032&pageSessionId=0856211a-dc7f-42ae-ada7-b4bfe92ed36d&source=Partners
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.191.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-191-109.iad89.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:17:36 GMT
content-encoding: UTF-8
via: 1.1 c242c974a465288488c7876cabca7752.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD89-C2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/jpeg
content-length: 92
x-amz-cf-id: u16WhYLn2F79-2zl3M5bJHriXj7DYxwDtqZpiYRQg3VKVZRuPMzJAw==

GET
H2 200 v1
sp.youvisit.com/com.snowplowanalytics.iglu/ 43 B
388 B 144ms
16ms Image
image/gif 35.171.123.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.youvisit.com/com.snowplowanalytics.iglu/v1?embed=82713779313602032&pageSessionId=0856211a-dc7f-42ae-ada7-b4bfe92ed36d&source=Partners&instid&locid&schema=iglu:com.youvisit/page_pixel_event/jsonschema/1-0-0
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.123.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-123-11.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:17:36 GMT
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

POST
H2 204 collect Show response
b.clarity.ms/ 0
160 B 144ms
33ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://qav2.petersons.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://qav2.petersons.com
date: Fri, 21 Oct 2022 12:17:36 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 206 hero-video.mp4
qav2.petersons.com/new/images/pages/home/ 962 KB
0 42ms
30ms Media
video/mp4 184.72.253.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://qav2.petersons.com/new/images/pages/home/hero-video.mp4

Requested by

Host: qav2.petersons.com
URL: https://qav2.petersons.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

184.72.253.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-72-253-96.compute-1.amazonaws.com

Software

nginx/1.23.2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qav2.petersons.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=32768-

Response headers

date: Fri, 21 Oct 2022 12:17:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 13:54:58 GMT
server: nginx/1.23.2
etag: "63515332-fcb11"
x-frame-options: SAMEORIGIN
content-type: video/mp4
Content-Range: bytes 32768-1035024/1035025
Content-Length: 1002257
x-xss-protection: 1; mode=block

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=59F1CCE042CE460D913C44718BA35C78&RedC=c.clarity.ms&MXFR=028FA96B9744692A0E09BB2F93446727
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=59F1CCE042CE460D913C44718BA35C78&MUID=1203AF6EAB48650B3A01BD2AAA61644B

42 B
441 B

15ms
14ms

Image
image/gif

20.110.81.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=59F1CCE042CE460D913C44718BA35C78&MUID=1203AF6EAB48650B3A01BD2AAA61644B
Protocol: H2
Server: 20.110.81.91 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Oct 2022 12:17:36 GMT
last-modified: Thu, 13 Oct 2022 20:05:21 GMT
server: Microsoft-IIS/10.0
etag: "b656771f3fdfd81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 21 Oct 2022 12:17:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 40AC34AAA9254539A9E4DCE7044079C9 Ref B: EWR30EDGE0107 Ref C: 2022-10-21T12:17:37Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=59F1CCE042CE460D913C44718BA35C78&MUID=1203AF6EAB48650B3A01BD2AAA61644B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 60ms
60ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://qav2.petersons.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://qav2.petersons.com
date: Fri, 21 Oct 2022 12:17:37 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 api.min.js Show response
a.opmnstr.com/app/js/ 129 KB
41 KB 64ms
10ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/api.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCSNTCJ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-40-58.datapacket.com
Software: BunnyCDN-NY-885 /
Resource Hash: f4644cb8abcca0ee42b0cec6012003f5502e7291859d8d63fe7b19cc6b5bdfce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

cdn-storagebalancer: NY-267
date: Fri, 21 Oct 2022 12:17:37 GMT
content-encoding: br
cdn-edgestorageid: 885
perma-cache: MISS
x-amz-request-id: PDSYX1X5K3W1C7H4
cdn-cachedat: 10/21/2022 06:18:18
cdn-pullzone: 293267
x-amz-id-2: KM0UaPSfYdkSOGXrXvFJYZbTw0GmEB65Tl37S4MMRfM0aDpwGgsQWzhRA74CCwL9lbYYhcfB2Os=
last-modified: Fri, 21 Oct 2022 06:18:07 GMT
server: BunnyCDN-NY-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"3ba362ec5a3bc2b34e62b8586fe6714b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 35e9e4ca6a619d8f2de94078b481448d
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 43ms
4ms Stylesheet
text/css 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-40-58.datapacket.com
Software: BunnyCDN-NY-885 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

cdn-storagebalancer: NY-268
date: Fri, 21 Oct 2022 12:17:37 GMT
content-encoding: br
cdn-edgestorageid: 885
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 10/14/2022 15:31:25
cdn-pullzone: 293267
last-modified: Fri, 14 Oct 2022 15:31:24 GMT
server: BunnyCDN-NY-885
cdn-fileserver: 339
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: W/"634980cc-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6e0c5b497128e475638601a658a3212c
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 56432 Show response
api.omappapi.com/v2/embed/ 227 B
828 B 141ms
68ms XHR
application/json 52.85.151.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/56432?d=qav2.petersons.com
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-8.iad89.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qav2.petersons.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:17:37 GMT
via: 1.1 600860a2fda807ac628822c14b5de860.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: IAD89-C3
x-cache-status: EXPIRED
x-cache: Miss from cloudfront
content-length: 227
x-optinmonster-account: 63664
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: QN3_LEXdIxEV73h3LDcW8sCGv-v3nfZL0hQiRaqxNGxyWl-ou4luSg==
expires: Fri, 21 Oct 2022 12:18:07 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 15ms
14ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: qav2.petersons.com
URL: https://qav2.petersons.com/new/app.js?id=bb5fecda7da32c2e2e2d5d4b04740cf5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://qav2.petersons.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://qav2.petersons.com
date: Fri, 21 Oct 2022 12:17:39 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bing.com/	1970-01-20 16:14:10	Name: MUID Value: 1203AF6EAB48650B3A01BD2AAA61644B
.bat.bing.com/	1970-01-20 07:02:39	Name: MR Value: 0
qav2.petersons.com/	1970-01-20 15:38:10	Name: cjevent Value: null
.petersons.com/	1970-01-20 06:54:01	Name: _uetsid Value: 57b84a40513a11eda534018c5fd34566
.petersons.com/	1970-01-20 16:14:10	Name: _uetvid Value: 57c305d0513a11edb90b1b04594fd2ae
.youvisit.com/	1970-01-20 06:54:01	Name: yvrequiregdrp19 Value: false
.youvisit.com/	1970-01-20 06:54:01	Name: yv_gpc Value: 0
.youvisit.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: lremi5h8dke054oq2rq9src56g
.youvisit.com/	1970-01-20 15:38:10	Name: embed Value: 82713779313602032
qav2.petersons.com/	1970-01-20 06:53:10	Name: XSRF-TOKEN Value: eyJpdiI6Ik5QVDZaUnZxWDEwZFhJTi9zOXRGemc9PSIsInZhbHVlIjoibWRjZ2poZnBoNmhFMFBxeEZGOFJmMGRaamN5ZDFjWDZ0T3YvWkxkQTVqNjVtVE5Tb3FYMGFGUkRhVm8rdityalFDLyt5SjZTMkJDTitrZUtGWDB5bDFDcHhPWld1VjhRUlc0RVNzM2Nqdkc0bGhzU1R6OG52WG9UdzJmKzRQOWsiLCJtYWMiOiIwMWY3MGRiNGMzYTFkNmRiODZmZWYyYjRmOTJlZWZiZDZhN2I1OTMxNGVlZTk5NTgzMTViYWE4YTBiNDQwOWMxIiwidGFnIjoiIn0%3D
qav2.petersons.com/	1970-01-20 06:53:10	Name: pcom_session Value: eyJpdiI6Iit6WVAwcGpUSktBUjFRYUxEY0NTb1E9PSIsInZhbHVlIjoiSGRNTFNhaEQ2TnZFOWwzQldMSmlCeDRCTkZNa0xCa2gxR1lYbUh3bGY3OUNGaFczTWtjUlB1QUFyYjhPaE5NVGRBbXhDamowMmVCZlhYWlpZbjU2dXR4cEhUQmMzMHZ3a0RoNkdSNlFhVVZTcHlIR1dxWEZ0aUx1NEQ3T1FqY0YiLCJtYWMiOiJhOTJiNDZjOWNkNGJjNGYwNWMzOTY3YmVhMDQwYmI1ZjRlODQ0NDA5NzNmYjc3YmNmNmIyMzAyYzJjY2M5MjI4IiwidGFnIjoiIn0%3D
.petersons.com/	1970-01-20 16:28:34	Name: _ga Value: GA1.2.284491348.1666354655
.petersons.com/	1970-01-20 06:54:01	Name: _gid Value: GA1.2.223550563.1666354655
www.clarity.ms/	1970-01-20 15:38:10	Name: CLID Value: 17ab90398ba843e0b315a733c8bb4241.20221021.20231021
.petersons.com/	1970-01-20 15:38:10	Name: _hjSessionUser_2567602 Value: eyJpZCI6ImVlNzcwZmVkLTc5NGMtNTkyYS05OTk3LTgzYWU3YzlkMzRjYyIsImNyZWF0ZWQiOjE2NjYzNTQ2NTYwOTAsImV4aXN0aW5nIjpmYWxzZX0=
.petersons.com/	1970-01-20 06:52:36	Name: _hjFirstSeen Value: 1
qav2.petersons.com/	1970-01-20 06:52:34	Name: _hjIncludedInSessionSample Value: 1
.petersons.com/	1970-01-20 06:52:36	Name: _hjSession_2567602 Value: eyJpZCI6ImZhNTI5ZDg4LThjNzItNDk5OC04ZTRlLTQ5N2MzMWQ5MzE3OSIsImNyZWF0ZWQiOjE2NjYzNTQ2NTYxODUsImluU2FtcGxlIjp0cnVlfQ==
qav2.petersons.com/	1970-01-20 06:52:34	Name: _hjIncludedInPageviewSample Value: 1
.petersons.com/	1970-01-20 06:52:36	Name: _hjAbsoluteSessionInProgress Value: 1
.petersons.com/	1970-01-20 15:38:10	Name: _clck Value: 1omse45\|1\|f5w\|0
.youvisit.com/	1970-01-20 15:38:10	Name: sp Value: c9797b5f-38d7-437f-bfb5-efb915688274
.petersons.com/	1970-01-20 06:54:01	Name: _clsk Value: 1xpshr9\|1666354656864\|1\|1\|b.clarity.ms/collect
.c.bing.com/	1970-01-20 07:02:39	Name: MR Value: 0
.c.bing.com/	1970-01-20 16:14:10	Name: SRM_B Value: 1203AF6EAB48650B3A01BD2AAA61644B
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 16:14:10	Name: MUID Value: 1203AF6EAB48650B3A01BD2AAA61644B
.c.clarity.ms/	1970-01-20 07:02:39	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 06:52:35	Name: ANONCHK Value: 0
qav2.petersons.com/	1970-01-20 16:28:34	Name: _omappvp Value: W65ZT6RVhYSPRhaYKeQxnTzh6oNWdsyBJV4vhtfetBkE2iWbnAmKMfuOLp3Qnai4mi0r9Ypvl1IMbJ906UuNM3o7FEh9ppkv
qav2.petersons.com/	1970-01-20 06:52:35	Name: _omappvs Value: 1666354657368

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
a.opmnstr.com
api.omappapi.com
b.clarity.ms
bat.bing.com
c.bing.com
c.clarity.ms
dist.petersons.com
in.hotjar.com
qav2.petersons.com
script.hotjar.com
sentry-2.petersons.com
servedbyadbutler.com
sp.youvisit.com
static.hotjar.com
test-embedded-api.petersonssurveys.com
trck.youvisit.com
vars.hotjar.com
vc.hotjar.io
ws7.hotjar.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
www.youvisit.com
13.32.208.120
13.32.208.2
138.199.40.58
184.72.253.96
20.110.81.91
20.75.32.255
2600:9000:2009:d000:4:d54d:1f40:93a1
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81d::200e
2620:1ec:40::40
2620:1ec:c11::200
35.171.123.11
51.222.11.30
52.206.186.158
52.85.151.61
52.85.151.8
54.197.20.93
54.229.245.170
54.246.176.35
99.84.191.109
99.84.191.41
99.84.191.45
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
111d5349381a9e8f6e2fb551a06de98feb7b7957ba1eff38443f9e696519683b
195a79c3a4ad21e1b897dd21799f8432e4431a719b8cdc6931f92a6a7ab4c167
1d61bd9d966994b87624069418dc0a1ca58905d60e93ae058b68fb7faa428749
2571d35a7c5f55783fcc3445e285fd22a2f01c48acc93b98b9860547e43b6942
27191bc53c353c2b11395dfa1160fdd270e6858a5225b7d64b3080c1876457ef
2fb865529187bc55ffd4e6b4a28cbd61710453eba6a47c216207b254bc3dad33
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
31ad3bef335b8e2c9745e8a465cbfcaf0d6529d666ae57a85b4c1095622907bc
377b65a1bb0ac033c05605e69b8f46874b2b43130d33b88457c085fcc66e8bd9
3b8c02394c11ae3f282c281a433dfc6e7045acd5ee0fc530a14a2f7140e1c3d1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442ce48e42f75348562fd8f795d5953007d5904d1368e804c07a10d14912a689
4b863884619d29ae00e3a4222089cd2b5132605f93fada717f2834eb7c03bd25
56de0d03455d412c89d88c63da6037845d9d2e726e6fdc7adcd3e9aed0d2150a
5a2b8bd8ad53e426f50cfa998b4b0294241819ae19d95e45da24ae7d56bd959a
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8
5b29973788ea86bd24620d80b9a7a896ad6fa2d5f5b00a73d22ab10600361681
628cd30897e87704e30f139d67eda19ac989047d0466162d7739a9fc481ec568
682a17f0b5673976fc1af4c8c54b0941bb4b8f7c46745f56a33f8cc7ada4a2cc
6ad8c185449c0991d6356002d130cb58dea749e2de52cf4a33dbce8d88182b75
6edda1c4b8d37889b501784f6b30315629ecb1e1670e2a227f5048e0707a0fa5
6fb2d6bc4a76e42b9631143801e247ee43dad31fccbdec03c6bb200263ae65b8
77153f04a60a70c83534e99ee836c9eabb91a458455cb5ada178bc197c756aca
8429ebb0f08ab0c58721b05518ef47fdb40ecbd245a58a7026c02e6c5c2318c9
859a27d10e46a5e3715873c0d649bf90ad615f665450d596b18b5c025c263ba7
944c4327576aa31eb402daf00809b4718d71e85430b1cae2d5a8e9a436502a6f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a1f9b56a2f7ccba7facbf7f412a9ddb36c02de91577df95346e2954292d6183
9c10470c9e7913b1bd8dd5e79333fe6f0b6faa49a77e24c5ab920a4c05d36ea4
a9106f8201be70decee33d6db0ed15214e640fb5760a3ee0492dcfb6ca7b8ad0
adfe01e109acf1f07eb78555269801d96f80094428e4278819e688b1bc2e49ce
b099801f9b531ea95d19a6753e36235483a393571c2e4f1619ac9b4adbcb637b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba16cb593c14b96da93c4559cc30d09dfdf6d9489f00ff17e239d155d2b94b6d
ba9d4f10c3cf8393ef33b97964ca54cc5cada688f35bd4bffd361a2527617e1a
bceca204ef507572fc0db3b666b8288784372735b20b072ac387e052ff59d9c4
bfa90ec276209552504e129dcd9d3c4c25d80afd4d0a77c9cf45b3aac24b87e0
c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
d18bbdb17a8e6f18dbca87bad4b73182e70351fa65290ad9cd14beb1f8a4a5b1
d4f7cd0b793292ba2febff0cf7a179faab8c648894d369d48e44fa9f2b6d1065
d7decfea7e19f5d2ea1c11751f349d774c73c4dda2d06ab1bd96357e482f0e3f
e0f1cfc3412ba914ba232831dfbb6001cf27031b4da0bc6520d31875f2e252ea
e34dec86e6201b95fcf9271af6e447b0f59ab50676dbdd4b0f12bb850d46cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee9e95c7f34f5b670049c78afceebf11aef309286732411582ebe54b0904a6d1
eecfc8edacd70e4e53f10d787886827b3406c6d750ba7544033294ca94832ed9
f029a154577b794a87359fc425ab2c08cf428c332bc9a2beb8e1b361d46e656b
f18a81ab5007bd1023e83b8dd34464dd4dac65d7fd70da1ed5476b9a8f2a3cf0
f433122da8de4f7e86aaa0422f1a1a782729938a6cf58632a1f591178b5b91f8
f4644cb8abcca0ee42b0cec6012003f5502e7291859d8d63fe7b19cc6b5bdfce
f5fa6c6409a751031b33185f744a7c8545cd77927f380958973b838f889210b4
f9f56f717f81ea8b0e4774824cf735baae3c7e3dbef8dd96a4988a47b9d8ee76
fb4ec4f83fc52b4d20d4f5f75f0a7ef901f9d2216884cdd081e476f858e50fd4

qav2.petersons.com Open in urlscan Pro 184.72.253.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

98 %HTTPS

23 %IPv6

12 Domains

24 Subdomains

22 IPs

3 Countries

1756 kBTransfer

3925 kBSize

31 Cookies

9 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qav2.petersons.com Open in urlscan Pro
184.72.253.96 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

23 %
IPv6

12
Domains

24
Subdomains

22
IPs

3
Countries

1756 kB
Transfer

3925 kB
Size

31
Cookies

60 HTTP transactions
3 data transactions