app.payfunnels.com Open in urlscan Pro
2606:4700:20::681a:631 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://payment.madcraft.co/
Effective URL:
https://app.payfunnels.com/business/invalid
Submission: On August 17 via automatic, source certstream-suspicious (August 17th 2023, 1:24:44 pm UTC) — Scanned from DE

Summary HTTP 106 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 19 domains to perform 106 HTTP transactions. The main IP is 2606:4700:20::681a:631, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.payfunnels.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2023. Valid for: a year.

This is the only time app.payfunnels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700:20:... 2606:4700:20::681a:631	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	52.222.139.116 52.222.139.116	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:303... 2606:4700:3035::6815:3ff8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700:20:... 2606:4700:20::681a:731	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.239.94.54 18.239.94.54	16509 (AMAZON-02) (AMAZON-02)
2	3.221.242.7 3.221.242.7	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.139.20 52.222.139.20	16509 (AMAZON-02) (AMAZON-02)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	34.214.57.8 34.214.57.8	16509 (AMAZON-02) (AMAZON-02)
3	108.139.243.118 108.139.243.118	() ()
2	18.65.40.12 18.65.40.12	16509 (AMAZON-02) (AMAZON-02)
106	25

28 2606:4700:20::681a:631 (United States)

ASN13335 (CLOUDFLARENET, US)

payment.madcraft.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.payfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.139.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-116.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:3ff8 (United States)

ASN13335 (CLOUDFLARENET, US)

beta.affiliatehunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:731 (United States)

ASN13335 (CLOUDFLARENET, US)

api3.payfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.94.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-54.ams1.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.221.242.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-242-7.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-20.ams50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.214.57.8 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-57-8.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.139.243.118 (United States)

ASN- ()
PTR: server-108-139-243-118.mxp63.r.cloudfront.net

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.40.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-40-12.ams1.r.cloudfront.net

d3hb14vkzrxvla.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	payfunnels.com api3.payfunnels.com app.payfunnels.com	2 MB
10	stripe.com js.stripe.com — Cisco Umbrella Rank: 1947 q.stripe.com — Cisco Umbrella Rank: 16679 Failed m.stripe.com — Cisco Umbrella Rank: 1748 Failed	296 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	408 KB
7	madcraft.co payment.madcraft.co	2 MB
6	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2706	2 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 2076	32 KB
4	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 1992 heapanalytics.com — Cisco Umbrella Rank: 1727	72 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5345	729 B
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 122	542 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	42 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	312 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 991 script.hotjar.com — Cisco Umbrella Rank: 1166	118 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	283 KB
3	helpscout.net beacon-v2.helpscout.net — Cisco Umbrella Rank: 11928	33 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	257 B
2	cloudfront.net d3hb14vkzrxvla.cloudfront.net	7 KB
2	affiliatehunt.com beta.affiliatehunt.com	5 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3131	14 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3143	260 B
106	19

	Domain	Requested by
21	app.payfunnels.com	payment.madcraft.co app.payfunnels.com
7	payment.madcraft.co	payment.madcraft.co
6	js.stripe.com	payment.madcraft.co js.stripe.com app.payfunnels.com
5	fonts.gstatic.com	payment.madcraft.co app.payfunnels.com
4	m.stripe.network	js.stripe.com m.stripe.network
4	www.google.de	payment.madcraft.co app.payfunnels.com
4	stats.g.doubleclick.net	www.googletagmanager.com payment.madcraft.co www.google-analytics.com
4	www.google-analytics.com	www.googletagmanager.com payment.madcraft.co www.google-analytics.com
4	connect.facebook.net	payment.madcraft.co connect.facebook.net app.payfunnels.com
4	www.googletagmanager.com	payment.madcraft.co www.googletagmanager.com app.payfunnels.com
4	www.google.com	payment.madcraft.co app.payfunnels.com
3	beacon-v2.helpscout.net	app.payfunnels.com beacon-v2.helpscout.net
3	q.stripe.com	payment.madcraft.co
3	api3.payfunnels.com	payment.madcraft.co
3	www.facebook.com	payment.madcraft.co app.payfunnels.com
2	d3hb14vkzrxvla.cloudfront.net	app.payfunnels.com
2	heapanalytics.com	payment.madcraft.co app.payfunnels.com
2	cdn.heapanalytics.com	payment.madcraft.co app.payfunnels.com
2	region1.analytics.google.com	www.googletagmanager.com
2	script.hotjar.com	static.hotjar.com
2	beta.affiliatehunt.com	payment.madcraft.co app.payfunnels.com
2	static.hotjar.com	payment.madcraft.co app.payfunnels.com
2	www.gstatic.com	www.google.com
2	stackpath.bootstrapcdn.com	payment.madcraft.co app.payfunnels.com
1	vc.hotjar.io	script.hotjar.com
1	m.stripe.com	m.stripe.network
106	26

This site contains no links.

Subject Issuer	Validity	Valid
payment.madcraft.co GTS CA 1P5	`2023-08-17` - `2023-11-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2023-11-30`	4 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-26` - `2023-08-24`	3 months	crt.sh
affiliatehunt.com GTS CA 1P5	`2023-06-23` - `2023-09-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-08-01` - `2023-11-02`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-31` - `2023-10-26`	3 months	crt.sh
*.helpscout.net Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://app.payfunnels.com/business/invalid
Frame ID: 04F5DC646236549998B87BA27DD96E17
Requests: 87 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 362F9177EB52C53138C92F201C5AB3C5
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 00D7BCF3DAB94694FCF0F98CE0759C5A
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 9B2894C0DD87AC4029B1DC9E5FB03C27
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 2FE69CE104CFC48C60C2FDA5AB46E4CC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Invalid Business

Page URL History Show full URLs

https://payment.madcraft.co/ Page URL
https://app.payfunnels.com/business/invalid Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

106
Requests

93 %
HTTPS

58 %
IPv6

19
Domains

26
Subdomains

25
IPs

3
Countries

6029 kB
Transfer

20980 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://payment.madcraft.co/ Page URL
https://app.payfunnels.com/business/invalid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
payment.madcraft.co/ 17 KB
4 KB 364ms
228ms Document
text/html 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.madcraft.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 38071680da51f56355d3b3c381e4b4460f73e05254bc96b3b9b067b1529a8498

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7f823cf9bd8068e5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 17 Aug 2023 13:24:35 GMT
last-modified: Fri, 04 Aug 2023 09:18:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaHXZ4dqw1wThdQwXq3pjLXlgtNe%2F%2FwJSzcrDwDK0fknWrkm1zAmwhRikgOivHXEq4c%2BY8WHY8qrOY3MpVuhDOhorBQbK7nHbFghkjYKdr384%2F3YMGVYo1BMUN0pZPoQbq7%2FSfqjAE9HOUseh6de1zo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 vegur
x-powered-by: Express

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 142ms
56ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.madcraft.co/
Origin: https://payment.madcraft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 722
cdn-cachedat: 05/01/2023 15:40:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 63dc4278359e2feb2dfba53e33d9b8a5
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7f823cfc683e2c5b-FRA
cdn-requestpullsuccess: True

GET
H2 200 v3 Show response
js.stripe.com/ 519 KB
145 KB 160ms
39ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

99617f56dcb44f5ed721eb02838cf5c5b3c15848a9e932128b8f5d7a934211c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 17 Aug 2023 13:24:35 GMT
via: 1.1 varnish
age: 55
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 148243
x-request-id: f8195a87-3f9c-4df7-ab68-ca84599c7111
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Thu, 17 Aug 2023 01:33:25 GMT
server: Fastly
etag: "abd4e080c15f87823db9119feafa967b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 31

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
877 B 139ms
49ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45a66a05249a9a90553e6173c2b862904c26c181a906ff76408b39c3ba7eb572

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 557
x-xss-protection: 1; mode=block
expires: Thu, 17 Aug 2023 13:24:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 144ms
55ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-118123762-1

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a3192f3f16869398df53fc9af56a2957cf47ce441fc8c2d0707581e4153c690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66573
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Aug 2023 13:24:36 GMT

GET
H2 200 runtime-es2015.3cf8033b79d6b5fdba86.js Show response
payment.madcraft.co/ 4 KB
3 KB 236ms
235ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.madcraft.co/runtime-es2015.3cf8033b79d6b5fdba86.js
Requested by: Host: payment.madcraft.co
URL: https://payment.madcraft.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 56e90108042910b01c6af7f1e6dcf39fa7ac27f009f1a906b216329afce6824d

Request headers

Referer: https://payment.madcraft.co/
Origin: https://payment.madcraft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:36 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:16:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1109-189bfd5c830"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGgn6943N%2BKvT8t0fsZvnF0VQMr4lydn5bvAnCTmAW60fOsFqxAztZxFeqQZ1GgAaHfwTA2t%2FgVj%2B6wvthzI7mJkKRH1OqvxUJrt1qoapMp1sAoRTODrkzJTEw6hSFfVuxx8N%2FfTx8F1HnxVh1ihfTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823cfbeffc68e5-FRA

GET
H2 200 polyfills-es2015.c8dbb24107db24327be7.js Show response
payment.madcraft.co/ 33 KB
12 KB 335ms
334ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.madcraft.co/polyfills-es2015.c8dbb24107db24327be7.js
Requested by: Host: payment.madcraft.co
URL: https://payment.madcraft.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 905f7246ebb1d5a1715fb7b821447feb1077f3e3fd073948fea7f2d7a4f62f3f

Request headers

Referer: https://payment.madcraft.co/
Origin: https://payment.madcraft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:36 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:16:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"85af-189bfd5cc18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfcEW0ooxlGF56fxkqPAmqYypD7rKuA6dKX%2FKgdXSZJk%2BU0gIY6DfBsht84%2B%2BGFd4za10OTwhbRZpTeKXsmDt0zU4XUT9xDWFtdRuWxItxHvJ%2Fv7y333uIJ5wV%2Ft3BAj8ECd%2FzWQCwf5PF0KmTuzgFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823cfbeffe68e5-FRA

GET
H2 200 scripts.4d07607e15edcd56a219.js Show response
payment.madcraft.co/ 389 KB
102 KB 610ms
609ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.madcraft.co/scripts.4d07607e15edcd56a219.js
Requested by: Host: payment.madcraft.co
URL: https://payment.madcraft.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ef92dc434f10920d2469d029074986260f78a959d16da77404097898f2a251de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:36 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:16:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"61585-189bfd5c448"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZq2spfDV9H0wHDrHPHxnkQCJhdeKQb9OkNpK96GvSU6Wm8rb9SNA4nxngVFYJAThY%2B9d5xxVQo4bD%2FsqPAtmS4ibU66Klep%2BpUr%2Bs%2BVLzZVy36ksI8%2FHewsi58cjCJnohb%2Bpcd3in5zWw9wsdyvgEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823cfdca3268e5-FRA

GET
H2 200 main-es2015.383f09ca6716d7f4da67.js Show response
payment.madcraft.co/ 6 MB
2 MB 677ms
676ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.madcraft.co/main-es2015.383f09ca6716d7f4da67.js
Requested by: Host: payment.madcraft.co
URL: https://payment.madcraft.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dce0d7ca04dab71f2a8dd85843db714d8dee6dd34242b91112e35f40f250822a

Request headers

Referer: https://payment.madcraft.co/
Origin: https://payment.madcraft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:36 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:18:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"619c5d-189bfd74318"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tQ3ILbi4pXJAD8zwndV2TaqOzLmT46qB%2BVi%2FPf2lBuRFlyZoIQNimYFGOiQSdhwroJ1rgXglFsNRt1ko40xrKbwI5QuaJ%2FO4rM6PU7SAhywb6SgFI38ts4blvaasYoNlpE2xA%2F4u777cu9iuBuJ4iE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823cfbe80268e5-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ 453 KB
182 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6a162cb53d79e0ee3a6d020bc72c80cde5644ffbeb9913b96c3c4833a4a65d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payment.madcraft.co/
Origin: https://payment.madcraft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 07:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186041
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 14:49:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 07:09:02 GMT

GET
H2 200 hotjar-1550729.js Show response
static.hotjar.com/c/ 10 KB
4 KB 163ms
75ms Script
application/javascript 52.222.139.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1550729.js?sv=6

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-116.ams50.r.cloudfront.net

Software

Resource Hash

b392a311ade87f6677ee4df882a95e0ef9b1e3ff868fe9bd20b79e7e4bfba44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 17 Aug 2023 13:24:36 GMT
via: 1.1 9463f100725b8b17da2d778617835760.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
etag: W/853fa08c1cceb26245fae3f10127cef0
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 7xxx_9H9iqj_wmcIY8_lzyaCWZs6zRhFmjE4hw-V5qyJxmW9TPs49Q==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 128ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 17 Aug 2023 13:24:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47245
x-xss-protection: 0
pragma: public
x-fb-debug: BJ8/v4gazEDXwlAv6LFB6Aomp0/78kqaIQcLhdAS8l32ZP0/2lLW2KECdJm82wjwV22I/vv/ZJC86oejz0uTdg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ah.js Show response
beta.affiliatehunt.com/assets/js/ 10 KB
3 KB 544ms
442ms Script
application/javascript 2606:4700:3035::6815:3ff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.affiliatehunt.com/assets/js/ah.js
Requested by: Host: payment.madcraft.co
URL: https://payment.madcraft.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3ff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d2a4bb0e2e8a59f48fe6b261745572f4eb5bea388757f67e538f712e43d0073d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:36 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Jul 2023 09:55:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"29cb-18977e08088"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xf8xBl2IXslNKBmo%2FKf%2Bs2dq%2FHnvmJ1QwyXuCZGmnakJddv6PBVvITLeKdq6tj%2FjDaD2o2zbbW5nwL9iey1uGUj2f6TofQxs5btPPavCcYMmZTvscvWw89n1gDnKDbDtKqvIvDAkwzWN2tQtgP2ex3GMmyxT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7f823cfe684b9250-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 styles.a9ae5c79f083a45b935c.css
payment.madcraft.co/ 404 KB
80 KB 692ms
691ms Stylesheet
text/css 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.madcraft.co/styles.a9ae5c79f083a45b935c.css
Requested by: Host: payment.madcraft.co
URL: https://payment.madcraft.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3047cfc1cad20d75bd3aa6bcfd5ca1780fa08a0cb31a7c7dafa53ceee3102330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:36 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:16:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"64e6b-189bfd5c448"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJRdc3keb8NAPtLgXeEbg8c2KmQ%2Buyzqu6mCZ9LYs2TgQ2A1tshuAx0LhcL%2BBIldIj5b0Y71OcFBtuePkr1P2GRwh6rycejhcUkCDJM9BtC5cgZEtjkRcb6N0M4XEvhbWWenwaVXtlPWlYb5A2DxasM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823cfdca3668e5-FRA

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 132ms
45ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payment.madcraft.co/
Origin: https://payment.madcraft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 08:12:20 GMT
x-content-type-options: nosniff
age: 450736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8892
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 08:12:20 GMT

GET
H2 200 modules.be28aa100b6c5e9c734a.js Show response
script.hotjar.com/ 223 KB
55 KB 145ms
45ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.be28aa100b6c5e9c734a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1550729.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

b76eb0fb853247a10ef2d06dd156815be1d8ae1d5e6fc23db338968e133006ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 96570
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55605
last-modified: Wed, 16 Aug 2023 10:34:51 GMT
etag: "452f7cb7245126a3677ef01e073b98fc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: kuyJC25GEg3wew6tDvlxQ4PSN2mKx2aIEsXpDpt0cB65-0T3nMZbAg==

GET
H2 200 181466379399546 Show response
connect.facebook.net/signals/config/ 384 KB
109 KB 144ms
144ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/181466379399546?v=2.9.123&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78a18c45d5c98f8ca5a5016d8227ee8a73a4be68b404a0041d9cb969168048b6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 17 Aug 2023 13:24:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: YDUZKG740EZ15w39Is6UJFT3d3jrhcQLfdbI3d0niNFv/ZbkfSATEqztkNsJ7ysJ3ddxmQ3/80QCiMtlrA/Nzg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
76 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EV8MTMZG81&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118123762-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15f83320d16ebe790af610667b9002f58e64cb690f82b2c3ffc8ee4dce6ece6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 17 Aug 2023 13:24:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118123762-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Aug 2023 11:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5693
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 17 Aug 2023 13:49:43 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 134ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EV8MTMZG81&gtm=45je38g0h2&_p=1286110229&_gaz=1&cid=1298605852.1692278676&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692278676&sct=1&seg=0&dl=https%3A%2F%2Fpayment.madcraft.co%2F&dt=Payfunnels&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EV8MTMZG81&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.madcraft.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 146ms
49ms Ping
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EV8MTMZG81&cid=1298605852.1692278676&gtm=45je38g0h2&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EV8MTMZG81&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.madcraft.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 169ms
82ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EV8MTMZG81&cid=1298605852.1692278676&gtm=45je38g0h2&aip=1&z=1415046059

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 47ms
47ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1286110229&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.madcraft.co%2F&ul=en-us&de=UTF-8&dt=Payfunnels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=555674802&gjid=67154549&cid=1298605852.1692278676&tid=UA-118123762-1&_gid=900257925.1692278677&_r=1&gtm=457e3890&jsscut=1&z=2094959484

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/polyfills-es2015.c8dbb24107db24327be7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.madcraft.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.madcraft.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 127ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=181466379399546&ev=PageView&dl=https%3A%2F%2Fpayment.madcraft.co%2F&rl=&if=false&ts=1692278676543&sw=1600&sh=1200&v=2.9.123&r=stable&ec=0&o=30&fbp=fb.1.1692278676542.1481631987&cs_est=true&it=1692278676330&coo=false&rqm=GET

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 17 Aug 2023 13:24:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 48ms
48ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-118123762-1&cid=1298605852.1692278676&jid=555674802&gjid=67154549&_gid=900257925.1692278677&_u=YADAAUAAAAAAACAAI~&z=1341044437

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/polyfills-es2015.c8dbb24107db24327be7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.madcraft.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 17 Aug 2023 13:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.madcraft.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 81ms
80ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-118123762-1&cid=1298605852.1692278676&jid=555674802&_u=YADAAUAAAAAAACAAI~&z=1853046346

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 79ms
79ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-118123762-1&cid=1298605852.1692278676&jid=555674802&_u=YADAAUAAAAAAACAAI~&z=1853046346

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 graphql
api3.payfunnels.com/ Frame 0
0 392ms
274ms Preflight 2606:4700:20::681a:731
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api3.payfunnels.com/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:731 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://payment.madcraft.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7f823d049c5c2bce-FRA
content-length: 0
date: Thu, 17 Aug 2023 13:24:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uphd0i1NnUcg1ihWGZxAgmljf6NlLGC0%2FKcgCQxryoNwIevh1eujQJ7pqAM%2F3d01BJm2E4YnxsHzPgGXg%2BNatv0KVgp3SjUt1OkCzILhNagFlqKIVGghhV4JjKD0a0FlR58dmWLeEaL2GFp8y%2Fka2Ec%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 vegur
x-powered-by: Express

GET
H2 200 336-es2015.5939b3b7632107c05ea2.js
payment.madcraft.co/ 175 KB
56 KB 494ms
493ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.madcraft.co/336-es2015.5939b3b7632107c05ea2.js
Requested by: Host: payment.madcraft.co
URL: https://payment.madcraft.co/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:37 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2bd76-189bfd60a98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RshRrkZwldRvRSABqcbZskg4lDh%2FwW1Gz0UtBXjIBg%2Bewnak%2FzFrYT7JfwviqIw612hFv4ZzedhY3TqaOSvKAuOP040bqrkaek%2F1W2%2FAvdqTMsorWjNKMRp1tZOknC%2FyGzV40LLRofaK9y1qpbWlfY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d03a82c68e5-FRA

GET
H2 200 heap-1040244817.js
cdn.heapanalytics.com/js/ 111 KB
36 KB 242ms
148ms Script
application/javascript 18.239.94.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1040244817.js

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-54.ams1.r.cloudfront.net

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:09 GMT
content-encoding: br
via: 1.1 03335b4388aac682bcebdd7893781376.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: AMS1-P3
age: 28
x-powered-by: Express
etag: W/"1bbf6-Mr0993m/Gbgp1Zgvf1OZXx8WZqo"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pCmHMGc_FhKgceRIavVBPjRDtgSLfBPzPpS_uNrVHNLrwdCkkXFVfw==

GET
H2 400 status
api3.payfunnels.com/ 52 B
432 B 407ms
284ms XHR
application/json 2606:4700:20::681a:731
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api3.payfunnels.com/status
Requested by: Host: payment.madcraft.co
URL: https://payment.madcraft.co/polyfills-es2015.c8dbb24107db24327be7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:731 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://payment.madcraft.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:37 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"34-/clgTer/YB3hbRkw++sAVEhuzwA"
x-powered-by: Express
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS,HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rDatTfPnpIeWvcSKkHkFvbBq%2B07DkOOoJ%2BtgNEiyEOkhxH9TBK14e2YknIkT8d5Fu5XrhWgkrYuClGEiI0tYr6oMXF2ALLeDI75YHBjtFThHbMdUAx1MFYGXF%2Bd5E0lhpk9KriR9QYgaWUL5pT2i3s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7f823d049c5a2bce-FRA
access-control-allow-headers: *
content-length: 52

POST
H2 200 graphql
api3.payfunnels.com/ 147 B
433 B 243ms
243ms XHR
application/json 2606:4700:20::681a:731
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api3.payfunnels.com/graphql
Requested by: Host: payment.madcraft.co
URL: https://payment.madcraft.co/polyfills-es2015.c8dbb24107db24327be7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:731 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://payment.madcraft.co/
accept-language: de-DE,de;q=0.9
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Aug 2023 13:24:37 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"93-tyW5jIH/TiOmziByT5taWqGYPzw"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSwCxMasViW6PI34v4jFOHWNog6Y2keqbIw0lK7tYkwQGvzylu2%2FvyUXe7w70uea%2FpgesVva0A40hXqRGH%2BAIPDTwju%2BpD6k093R1QAgHmBoBwezCv09aB2179ONx1PRFUTERTul2hhgEO9q54HhTw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7f823d064e982bce-FRA

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 362F 200 B
812 B 39ms
39ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.madcraft.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 19491129
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 17 Aug 2023 13:24:37 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 218593
x-content-type-options: nosniff
x-request-id: 90d56833-960a-434b-9368-39748cd34244
x-served-by: cache-fra-eddf8230026-FRA

GET
H3 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 362F 631 B
757 B 39ms
39ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 17 Aug 2023 13:24:37 GMT
via: 1.1 varnish
age: 6019764
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 396
x-request-id: ca078e9f-88b1-48b7-a723-8da9070a9f72
x-served-by: cache-fra-eddf8230120-FRA
last-modified: Thu, 08 Jun 2023 20:06:50 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 412423

POST csp-report
q.stripe.com/ Frame 362F 0
0

GET
H2 200 inner.html
m.stripe.network/ Frame 00D7 930 B
1 KB 61ms
39ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 17 Aug 2023 13:24:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 13
x-content-type-options: nosniff
x-request-id: 34ed8d8e-abdb-4bce-8e8a-ea447fb3dd35
x-served-by: cache-fra-eddf8230026-FRA
x-timer: S1692278677.306786,VS0,VE0

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 372ms
118ms Image
image/gif 3.221.242.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1040244817&u=870379432993176&v=1402243951209547&s=397819660118167&b=web&tv=4.0&z=0&h=%2F&d=payment.madcraft.co&t=Payfunnels&ts=1692278677314&st=1692278677317

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.221.242.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-221-242-7.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.madcraft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST csp-report
q.stripe.com/ Frame 00D7 0
0

GET
H2 200 out-4.5.43.js
m.stripe.network/ Frame 00D7 87 KB
15 KB 39ms
39ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 17 Aug 2023 13:24:37 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 151
x-cache: HIT
content-length: 15509
x-request-id: 3d2469de-3c0f-448a-9f4d-bc3fa77235a7
x-served-by: cache-fra-eddf8230026-FRA
server: Fastly
x-timer: S1692278677.352157,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 124

POST 6
m.stripe.com/ Frame 00D7 0
0

GET
H2 200 Primary Request invalid Show response
app.payfunnels.com/business/ 17 KB
4 KB 358ms
243ms Document
text/html 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/business/invalid
Requested by: Host: payment.madcraft.co
URL: https://payment.madcraft.co/main-es2015.383f09ca6716d7f4da67.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 38071680da51f56355d3b3c381e4b4460f73e05254bc96b3b9b067b1529a8498

Request headers

Referer: https://payment.madcraft.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7f823d0718761d92-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 17 Aug 2023 13:24:37 GMT
last-modified: Fri, 04 Aug 2023 09:18:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7Fuz86tZUkN%2Fmo%2F%2Frmwi1Dr%2FWVkzLUIlio6f75jTajn7ZletflRJ%2Fwnh7I6KFFoZ7NaLWq2qXJzzBSx4dVBg5Huf70aTQzC8%2FEwsMo5SbrC%2FaW8ywHkmlWm7w8xoALBsZm9mTS1aRsTVf4Uvtm7xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 vegur
x-powered-by: Express

OPTIONS graphql
api3.payfunnels.com/ Frame 0
0

POST graphql
api3.payfunnels.com/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 59ms
58ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.payfunnels.com/
Origin: https://app.payfunnels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
cdn-cachedat: 05/01/2023 15:40:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 791cfc190243720c8ba39d6fdd5d1d12
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7f823d08b8b42c5b-FRA
cdn-requestpullsuccess: True

GET
H3 200 v3 Show response
js.stripe.com/ 519 KB
145 KB 41ms
40ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

99617f56dcb44f5ed721eb02838cf5c5b3c15848a9e932128b8f5d7a934211c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 17 Aug 2023 13:24:37 GMT
via: 1.1 varnish
age: 58
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 148243
x-request-id: 941a31a2-7b01-46c4-9d24-5fffc320ee1a
x-served-by: cache-fra-eddf8230120-FRA
last-modified: Thu, 17 Aug 2023 01:33:25 GMT
server: Fastly
etag: "abd4e080c15f87823db9119feafa967b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 25

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
855 B 49ms
48ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

158589b741eac0343f21e5729a7cac29619c17c33f614d75123c4036692b994b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 834
x-xss-protection: 1; mode=block
expires: Thu, 17 Aug 2023 13:24:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-118123762-1

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3eb875a8a1a147b53fc0f6cb771f4fd0e5f7925a684eb06da802058e60b08981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66555
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Aug 2023 13:24:37 GMT

GET
H2 200 runtime-es2015.3cf8033b79d6b5fdba86.js Show response
app.payfunnels.com/ 4 KB
3 KB 253ms
253ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 56e90108042910b01c6af7f1e6dcf39fa7ac27f009f1a906b216329afce6824d

Request headers

Referer: https://app.payfunnels.com/business/invalid
Origin: https://app.payfunnels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:38 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 04 Aug 2023 09:16:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1109-189bfd5c830"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKiweVOxfImkgW9HMgoVTykaZr74UwKaeX%2FsV1rlHSreQDAIzg2JZMsuZjqvgx1KOGLJGHDz5j76Vqs724QBZbOXQe2HKh8yURY26Br6lIfN7YXEuchVm7o9OVTiSr7aidrRwhvSz66iV4upuTpYGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d092b341d92-FRA

GET
H2 200 polyfills-es2015.c8dbb24107db24327be7.js Show response
app.payfunnels.com/ 33 KB
12 KB 335ms
335ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/polyfills-es2015.c8dbb24107db24327be7.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 905f7246ebb1d5a1715fb7b821447feb1077f3e3fd073948fea7f2d7a4f62f3f

Request headers

Referer: https://app.payfunnels.com/business/invalid
Origin: https://app.payfunnels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:38 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:16:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"85af-189bfd5cc18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WN1OfeCkQTN%2FBE%2BhkqDW3Axy%2Bd7mMeE3pAEGOw9cZtwDFA%2FGSGdN3AiDNyQfbs2a74mAtlwplEu9C3eC6JIu3xpxWBuH8qyKVSt5pvLNl%2BPhq9w0BXDyCeotMcwdLWDsRubyEQWXNU2LwcOnXRVWKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d092b361d92-FRA

GET
H2 200 scripts.4d07607e15edcd56a219.js Show response
app.payfunnels.com/ 389 KB
102 KB 603ms
600ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/scripts.4d07607e15edcd56a219.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ef92dc434f10920d2469d029074986260f78a959d16da77404097898f2a251de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:38 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:16:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"61585-189bfd5c448"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfZHbEhJZrVtilt89Hzj9fkIB8XTPGpi82QhmR2gl7eTKuUi0tzavk9Tt%2FHPhnBo7Jqc5CaQ5%2FomNBkHDMCCsaA7mV23%2Ftestrhv5Rb92G5vKt41h%2FSFgvE5ugOqvLLSB554DGbwPcyp7tIMpHs1Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d09bbee1d92-FRA

GET
H2 200 main-es2015.383f09ca6716d7f4da67.js Show response
app.payfunnels.com/ 6 MB
2 MB 805ms
805ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/main-es2015.383f09ca6716d7f4da67.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dce0d7ca04dab71f2a8dd85843db714d8dee6dd34242b91112e35f40f250822a

Request headers

Referer: https://app.payfunnels.com/business/invalid
Origin: https://app.payfunnels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:38 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 04 Aug 2023 09:18:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"619c5d-189bfd74318"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IOnuFXdnpBFOof%2BsW6bXGHH8zkltFZ6yiqOWT5lL7n%2BQIVeioAxTHx9KKm%2BgR0KlXUW4fxpy2LICPFSvgqncQtovwSLsACiAxt%2FBCsel8%2FiLve%2Bkh%2BNwEJAXJ1LGGoXmlEovg2BcJ9M%2Fm3PUqYBxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d092b371d92-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ 453 KB
182 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6a162cb53d79e0ee3a6d020bc72c80cde5644ffbeb9913b96c3c4833a4a65d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.payfunnels.com/
Origin: https://app.payfunnels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 07:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186041
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 14:49:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 07:09:02 GMT

GET
H2 200 hotjar-1550729.js Show response
static.hotjar.com/c/ 10 KB
4 KB 45ms
42ms Script
application/javascript 52.222.139.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1550729.js?sv=6

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-116.ams50.r.cloudfront.net

Software

Resource Hash

b392a311ade87f6677ee4df882a95e0ef9b1e3ff868fe9bd20b79e7e4bfba44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 17 Aug 2023 13:24:36 GMT
via: 1.1 9463f100725b8b17da2d778617835760.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 2
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/853fa08c1cceb26245fae3f10127cef0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 6yv5jt5NMVr6rqn4qSWsjpRIBZrOYpctvkpoYfN5Ht5y0_Q5wWa9Cg==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
46 KB 44ms
42ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 17 Aug 2023 13:24:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47245
x-xss-protection: 0
pragma: public
x-fb-debug: 0A+4EnWn54E7822+8podNeNNnbWyhqjqu41rYQCPBkz5qi27CFtn43h5ns0wzKhGtGG3Bv+e3g4lE9rucVsIlQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ah.js Show response
beta.affiliatehunt.com/assets/js/ 10 KB
3 KB 54ms
51ms Script
application/javascript 2606:4700:3035::6815:3ff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.affiliatehunt.com/assets/js/ah.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3ff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d2a4bb0e2e8a59f48fe6b261745572f4eb5bea388757f67e538f712e43d0073d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:38 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Jul 2023 09:55:49 GMT
server: cloudflare
etag: W/"29cb-18977e08088"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqlKD%2Fe3e1oOXWm5IEc11NuOJLH0xoqR5Dr7ZtLFzwTjTFJrswtfZCAkhDst1OKLnTKKmbj7EQr%2B1StQymKM%2Bo1U5Tq4kUILOx8JEwhfZL%2B%2BX1IT75Ve4oytAbc9m0UfVKiO9wvEQMICZE67PaeG8YwtWvWD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7f823d09bc969250-FRA

GET
H2 200 styles.a9ae5c79f083a45b935c.css
app.payfunnels.com/ 404 KB
80 KB 642ms
639ms Stylesheet
text/css 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/styles.a9ae5c79f083a45b935c.css
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3047cfc1cad20d75bd3aa6bcfd5ca1780fa08a0cb31a7c7dafa53ceee3102330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:38 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:16:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"64e6b-189bfd5c448"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZq1ybpCimxubrsuzwULugdKSSKE4rHV9icMU51cm0Mpkf5e9vVjrkF3cvo3eGieLKzzVKJXcp51oI1G%2BBw%2BCnSGx%2BbZPYRia8KaFlQFits1C28bxrtYz6qb2aqxU4G3Cq8SnH9FIHTn2wXzR%2Fs1lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d09bbf01d92-FRA

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.payfunnels.com/
Origin: https://app.payfunnels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 08:12:20 GMT
x-content-type-options: nosniff
age: 450738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8892
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 08:12:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EV8MTMZG81&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118123762-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6112595639115f76e0699c38fad9e1a178039ea1b2f6be9585d172b5caa2e824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 17 Aug 2023 13:24:38 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118123762-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Aug 2023 11:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5695
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 17 Aug 2023 13:49:43 GMT

GET
H2 200 modules.be28aa100b6c5e9c734a.js Show response
script.hotjar.com/ 223 KB
55 KB 51ms
50ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.be28aa100b6c5e9c734a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1550729.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

b76eb0fb853247a10ef2d06dd156815be1d8ae1d5e6fc23db338968e133006ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 10:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 96572
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55605
last-modified: Wed, 16 Aug 2023 10:34:51 GMT
etag: "452f7cb7245126a3677ef01e073b98fc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 2g2d170476vYd7IwkHnbIBZtuzdOaFzX580tC--nauhlf8oByytdRg==

GET
H3 200 181466379399546 Show response
connect.facebook.net/signals/config/ 384 KB
109 KB 48ms
47ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/181466379399546?v=2.9.123&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78a18c45d5c98f8ca5a5016d8227ee8a73a4be68b404a0041d9cb969168048b6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 17 Aug 2023 13:24:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111724
x-xss-protection: 0
pragma: public
x-fb-debug: YDUZKG740EZ15w39Is6UJFT3d3jrhcQLfdbI3d0niNFv/ZbkfSATEqztkNsJ7ysJ3ddxmQ3/80QCiMtlrA/Nzg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
46ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=177551695&t=pageview&_s=1&dl=https%3A%2F%2Fapp.payfunnels.com%2Fbusiness%2Finvalid&dr=https%3A%2F%2Fpayment.madcraft.co%2F&ul=en-us&de=UTF-8&dt=Payfunnels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=770830658&gjid=1389434859&cid=998518668.1692278678&tid=UA-118123762-1&_gid=373879204.1692278678&_r=1&gtm=457e3890&jsscut=1&z=1112312907

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.payfunnels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.payfunnels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 1550729 Show response
vc.hotjar.io/sessions/ 0
260 B 194ms
63ms XHR
text/plain 52.222.139.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1550729?s=0.25&r=0.02952273293991925
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.be28aa100b6c5e9c734a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-20.ams50.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:38 GMT
via: 1.1 abc3ecd1d98ae9cd426d47386509de18.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 3H_OHFRK2qLITQ3MVlWp2aYFvMwTwL4NXTInbHklAfPVa1FQCvhSBQ==

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 40ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=181466379399546&ev=PageView&dl=https%3A%2F%2Fapp.payfunnels.com%2Fbusiness%2Finvalid&rl=https%3A%2F%2Fpayment.madcraft.co%2F&if=false&ts=1692278678260&sw=1600&sh=1200&v=2.9.123&r=stable&ec=0&o=30&fbp=fb.1.1692278678260.196425984&cs_est=true&it=1692278678104&coo=false&rqm=GET

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 17 Aug 2023 13:24:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EV8MTMZG81&gtm=45je3890&_p=177551695&_gaz=1&cid=998518668.1692278678&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692278678&sct=1&seg=0&dl=https%3A%2F%2Fapp.payfunnels.com%2Fbusiness%2Finvalid&dr=https%3A%2F%2Fpayment.madcraft.co%2F&dt=Payfunnels&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EV8MTMZG81&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.payfunnels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
74 B 49ms
48ms Ping
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EV8MTMZG81&cid=998518668.1692278678&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EV8MTMZG81&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.payfunnels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 83ms
82ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EV8MTMZG81&cid=998518668.1692278678&gtm=45je3890&aip=1&z=1447140077

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 48ms
48ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-118123762-1&cid=998518668.1692278678&jid=770830658&gjid=1389434859&_gid=373879204.1692278678&_u=YEBAAUAAAAAAACAAI~&z=1099436669

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.payfunnels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 17 Aug 2023 13:24:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.payfunnels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 79ms
79ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-118123762-1&cid=998518668.1692278678&jid=770830658&_u=YEBAAUAAAAAAACAAI~&z=2100650972

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 80ms
80ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-118123762-1&cid=998518668.1692278678&jid=770830658&_u=YEBAAUAAAAAAACAAI~&z=2100650972

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 336-es2015.5939b3b7632107c05ea2.js Show response
app.payfunnels.com/ 175 KB
56 KB 513ms
513ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/336-es2015.5939b3b7632107c05ea2.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1edd44d50865a60bdb1776a7975832e742908364a00ed096829dfe0a721426fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2bd76-189bfd60a98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ks%2F1oyevtW8%2BRUKX%2FMTNWmzoaHp0XQ5p%2BwjcxG5kFuPOpTH8qQV5YK%2F8q6ZRLPPH6S2ZS5sxStjUj0%2ByFWLwtBi4ZnjG57%2Fan%2FPEVreZY2CthlXdmcCGCvG6hO2DnLRp5gdtHQ2g2EElgzN6LVSoKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d123f7d1d92-FRA

GET
H2 200 heap-1040244817.js Show response
cdn.heapanalytics.com/js/ 111 KB
36 KB 47ms
46ms Script
application/javascript 18.239.94.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1040244817.js

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-54.ams1.r.cloudfront.net

Software

nginx / Express

Resource Hash

5ec654dc81257435ad0fff25354b6e6a8d1f1d89f59ec84a35aabf1443fde262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:09 GMT
content-encoding: br
via: 1.1 03335b4388aac682bcebdd7893781376.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: AMS1-P3
age: 30
x-powered-by: Express
etag: W/"1bbf6-Mr0993m/Gbgp1Zgvf1OZXx8WZqo"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: H_gSGV_gidTI9JmwOS-HWWyEfeu1hfpmoVaG0s2b3uI-06Ym4FqdHw==

GET
H2 200 common-es2015.8f141719a5276da63571.js Show response
app.payfunnels.com/ 3 KB
1 KB 228ms
227ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/common-es2015.8f141719a5276da63571.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6b0c3df2ec70598d9e7e93b333ceed37591f967d09383524a6c022568df5f2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"d53-189bfd66c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWG81%2Fd9b%2F2zET%2BQNsjRI8WpmCzFKkxYrDGtoPy7uJY6zpGMPmGtNdlwveYjwO%2F1Bi%2FUGFjnGkXbHqLqUIEY7F7k0MnDRT8UliWcFUDSavnERfTgwFWkD5JZo%2FTPXARwAJhti2wClgzsX3x%2BhyUSuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d126fba1d92-FRA

GET
H2 200 998-es2015.e8980073fdebac204dd5.js Show response
app.payfunnels.com/ 236 KB
36 KB 695ms
692ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/998-es2015.e8980073fdebac204dd5.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9a0f4d20aac186dc5e3ef73d280ac6218b005c6fb3dbe006ec7eab3b9960b3aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3af4a-189bfd63978"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xf1CPVlsW%2BnNpI7x2m6jYEfy%2Ffuc%2F%2BGg93lV0GhgfxOmsjgo4st5COCaI6yyBYP0RSL0jDYOmcyx1I5XFDh9m9GcV5L5jyaI%2B%2FXObXHBEXJrh7nF63bbM3JuAtULwlrpBuS5%2F2JyMHDKvYzz%2FTo%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d126fc21d92-FRA

GET
H2 200 99-es2015.2e7f2ba62ed96afe1359.js Show response
app.payfunnels.com/ 246 KB
37 KB 693ms
691ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/99-es2015.2e7f2ba62ed96afe1359.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7a919078c2bef512bba7d50ee6751345b695ccf15a771ea16e053b0f207bc729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3d69d-189bfd64148"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WUZzLfxiBFQ%2BFC4WGfsmiOAkgi3usODu4rUFbaeaysGaZ10awbueHV3%2B%2FuULApJH952%2F1kRsgbxMi211eTfvo7UJhfemtkFjfy15yLZFhnnGEpYm8uZHAR1ukIJKcvpbYUYmdYgXWmRhfyT8i1PYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d126fc41d92-FRA

GET
H2 200 759-es2015.1c5ab35aa3cc4178c0b6.js Show response
app.payfunnels.com/ 105 KB
17 KB 512ms
509ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/759-es2015.1c5ab35aa3cc4178c0b6.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f1913f84aecbd9bc98ce6ac1fabd58e8be8f885d790b92200feb5015ae43e48c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1a4a2-189bfd63590"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35QoRmydh%2Bc%2FW6%2Be%2FdR0JA8ozsr%2Bp8z86OLfI7xBdQzMceVb2OylLiLEUekFiY61shZHYJ3qsPrxANm7nxDtcVv9l3K5mV7qLpO%2Bso3NrX5OTZPgWZH%2BuduwEx64xYEYBsYABHTpe3QuH%2F65Qt8ZPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d126fc51d92-FRA

GET
H2 200 419-es2015.a30c741cb326ae1b9391.js Show response
app.payfunnels.com/ 240 KB
35 KB 692ms
689ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/419-es2015.a30c741cb326ae1b9391.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b4a63daa62aa8722af18d3282c85f39e09dcae69668c2f404da4e4d6cca70511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3be49-189bfd66470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbzclPr5sTtFUBf%2Bz%2Bdv%2BD6FxHxvwfctDaxa2QUASgxFZ3VaTxDmuu3U6kzGboeSwic67aKOMdJSDRSYiu5uJYoPVZSfWyGM6YMJ6HMwwAB%2FZjVbKXCNxPk8mL%2BjPWJYCdWKScZRmYlOi7calNLqjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d126fc61d92-FRA

GET
H2 200 931-es2015.6cbe65363f4892722071.js Show response
app.payfunnels.com/ 43 KB
10 KB 423ms
421ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/931-es2015.6cbe65363f4892722071.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6ca5ab1d8bee60e5fded61e2d6294f75084335e90241d5fbe58b7dbdb43f0b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"ac62-189bfd64918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNqTxUM%2FYan0smPYTQ5fpTOpuYP8KNMcdsHXEDJzdVyDZjTW03YnJZgl68d%2BBxpuWvSXUW0ZeAzaVpz7KJTf%2B6TEaHxwvBqAm7ukZyMvv3XMD%2F51xVba0S1ZEGiwxCV%2F3e69D0katf9z3HVS29X1eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d126fc71d92-FRA

GET
H2 200 950-es2015.1a159dd27387434a86f6.js Show response
app.payfunnels.com/ 195 KB
31 KB 503ms
501ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/950-es2015.1a159dd27387434a86f6.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6eee0f8b3874d287350832dd36e27cbc97cdf7e5c42885b8e446cdc8bffb52c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"30a0c-189bfd66858"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zjvg0kdjSoafH9lekXjjjqfrDjRe3QSQzQrEIw%2FT%2BlGKbtcO6SJt6ROqMBWkQEk6LzooA1V6t7lxdXoUEfQQMiWrPf6Zz209Pd7jiGdXSyKLD3o0wwbD8wZw4C6csQVkaYTF1YIvrhMNZkS3EqzRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d126fc81d92-FRA

GET
H2 200 741-es2015.0cb6dd0d2fd1183be286.js Show response
app.payfunnels.com/ 56 KB
9 KB 426ms
423ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/741-es2015.0cb6dd0d2fd1183be286.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 79e7fbd5d0b34f39e8bfd47407c23add8a32a7767fc19c76921a353ee7e8e2b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"de05-189bfd650e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8lXAuZzeB1ldQX3hYnGTpr5arDLDxU2Tu4LdZUNZlMD2wsYyDSvDyYLWYNKrbyqX2oXsi%2BG87Cf1aQ79K2m7clJi7h3RIinREuQ5%2F2yoE0GgYqaw05DgGPTA65KG9j1YIe2lEAuu3cRROpkQB3Ycw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d126fc91d92-FRA

GET
H2 200 167-es2015.9caac1fa3d1dbf755627.js Show response
app.payfunnels.com/ 170 KB
56 KB 498ms
496ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/167-es2015.9caac1fa3d1dbf755627.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 96c06e0f3a70ec3682fa8ce8881f775844a3ef9bd10afc109fc0cbb087d4f394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2a61a-189bfd66088"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vphq3wNt5u5mL%2BzmB5voTtQT0KPcPtJYJSLDHWdxsybYmR%2F41x%2FBI8jGRWVxRfllsVTMCJ31RTxzQ3yF239hNrTwkbxkHUns9GwwhnxNCcudCJMK%2B0lH3F77g2mIkDurwMVozJQsWaNHyqeLs%2BqxCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d126fcb1d92-FRA

GET
H2 200 498-es2015.88583c9c52e9008eb35a.js Show response
app.payfunnels.com/ 27 KB
6 KB 356ms
354ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/498-es2015.88583c9c52e9008eb35a.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 03f4615e097f071ab3ff7029dea97983dd953faa61bd00e3323464263c82a62c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"6cba-189bfd66858"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHn04eRurD5cJCO%2FwWknODOFBhSQlx4H4rmZhvb9JH4RENaHgtpPposY0VVgYVaLGumWXmSRTMXyPO45ICe5bn8aPo%2FNwWwI%2FMK1ocqNg9ntFEIQvhbDeN97FdyhS%2BpiArYyZ6IaSdDB30cjcStgPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d12a8091d92-FRA

GET
H2 200 436-es2015.be0039600932db729223.js Show response
app.payfunnels.com/ 14 KB
4 KB 274ms
272ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/436-es2015.be0039600932db729223.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b5dea84e756cfefab9189df664d99eb3c805341b389f6721c9a8b7cd810e955e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"38b0-189bfd66c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZtB%2B4GLLjz5H%2B0WG9bgIYUafQMpbt5WOhgczRu0UuIfwRd1F%2BA7X56RqeCxBtGfeu%2B9sezF8vrq1wRGY3MzsakAQJn0J50WoArNQbt24ET4S0tFgL7rbWZ7cqKjBMB4sbm0%2BqfqER4ZJO35NMAWew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d12a80a1d92-FRA

GET
H2 200 949-es2015.68c2d64896eadccfefe0.js Show response
app.payfunnels.com/ 17 KB
5 KB 365ms
363ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/949-es2015.68c2d64896eadccfefe0.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5035cb665b9038eef07c807e545949be2403367225344bf50fe4fba4344edcc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"4293-189bfd67028"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qB4iJTyQW9Q0ciNPnYbAZapepx%2FwZsLsAOtLYD6%2F7Xa9Dc2RL%2Bv3AdbX0jHC3i3i%2BwdLi%2BoJDMn8FWxYVMNCeAWbA1O3HdASi6HpnJIGNRrjpny4wJlMv8kDlaDvBoougYLV2t0HfsQTcePmOefDQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d12a80b1d92-FRA

GET
H2 200 580-es2015.304e77ab48b303527cdb.js Show response
app.payfunnels.com/ 39 KB
10 KB 354ms
353ms Script
application/javascript 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.payfunnels.com/580-es2015.304e77ab48b303527cdb.js
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/runtime-es2015.3cf8033b79d6b5fdba86.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 58d9285756ad5e2d21da3cf301f8b24f776943e9533e6e0c3cacc99ac67aceba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:17:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"9cd1-189bfd67028"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgzAc%2BXxlHkDI0wWBN13zcRbae3wvbcjannuDOZi%2B88m1cDmni%2FG4R1t3vF1WUH19H1TrNGWNmJM6K57N4S5IS9McYh3rgw2aWRceqLh1O2YIexoSGMN%2BfTBAZyh4xSTD45LTanPABrrW5kjEu%2FQIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7f823d12a80c1d92-FRA

GET
H2 200 logo-dark.svg
app.payfunnels.com/assets/img/brand/ 17 KB
6 KB 348ms
348ms Image
image/svg+xml 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.payfunnels.com/assets/img/brand/logo-dark.svg
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 638d8f89c62db28816070f6cfeab42c56af20793df821b97ab7cc11f0c911994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/business/invalid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 09:18:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"426c-189bfd74318"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rAoOeyVv5aaXT2mewhtDDUiLKdDiQkSr4zVlnuFv8P4ttCzM7E5b%2FY9tXf1LgVpcIlKWZlzFqquVryc%2BEWrmlqu9DFx3cFnnhWSv%2BjmsqvRfImhioYOgzBuGmuiYZ0Y4b4o0JKx1tKIBna3%2Fug%2Bnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7f823d12a80d1d92-FRA

GET
H3 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 9B28 200 B
939 B 40ms
39ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.payfunnels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 19491131
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 17 Aug 2023 13:24:39 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 436100
x-content-type-options: nosniff
x-request-id: 2a0630a1-c25c-40e4-9c2b-452d4908580a
x-served-by: cache-fra-eddf8230120-FRA

GET
H3 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.payfunnels.com/
Origin: https://app.payfunnels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:20:07 GMT
x-content-type-options: nosniff
age: 482672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8916
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 23:20:07 GMT

GET
H3 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.payfunnels.com/
Origin: https://app.payfunnels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 23:35:55 GMT
x-content-type-options: nosniff
age: 481724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8800
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 23:35:55 GMT

GET
H3 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.payfunnels.com/
Origin: https://app.payfunnels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 19:34:29 GMT
x-content-type-options: nosniff
age: 496210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8732
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 19:34:29 GMT

GET
H3 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9B28 631 B
756 B 40ms
39ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 17 Aug 2023 13:24:39 GMT
via: 1.1 varnish
age: 6019766
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 396
x-request-id: 20ca11ea-fa79-4e86-857c-4e11778852bc
x-served-by: cache-fra-eddf8230120-FRA
last-modified: Thu, 08 Jun 2023 20:06:50 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 412424

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 122ms
122ms Image
image/gif 3.221.242.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1040244817&u=3569365410388536&v=6265290539234915&s=8433466304469843&b=web&tv=4.0&z=0&h=%2Fbusiness%2Finvalid&d=app.payfunnels.com&t=Invalid%20Business&r=https%3A%2F%2Fpayment.madcraft.co%2F&ts=1692278679651&st=1692278679653

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.221.242.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-221-242-7.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 csp-report
q.stripe.com/ Frame 9B28 0
717 B 214ms
213ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1692278679782575
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1692278679781592
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9B28 0
717 B 212ms
211ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1692278679782147
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1692278679781664
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 2FE6 930 B
710 B 40ms
39ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 17 Aug 2023 13:24:39 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 15
x-content-type-options: nosniff
x-request-id: 4a5fda89-e8ef-490a-b5f9-3f04c1e9b201
x-served-by: cache-fra-eddf8230026-FRA
x-timer: S1692278680.692259,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 2FE6 0
491 B 208ms
208ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: payment.madcraft.co
URL: https://payment.madcraft.co/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 17 Aug 2023 13:24:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1692278679828646
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1692278679828210
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 2FE6 87 KB
15 KB 41ms
41ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 17 Aug 2023 13:24:39 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 153
x-cache: HIT
content-length: 15509
x-request-id: 54f50cd8-74c5-4d1a-93fa-705bb87f4b04
x-served-by: cache-fra-eddf8230026-FRA
server: Fastly
x-timer: S1692278680.738583,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 126

POST
H2 200 6 Show response
m.stripe.com/ Frame 2FE6 156 B
670 B 322ms
321ms XHR
application/json 34.214.57.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.57.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-57-8.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

bd92321465f57e0269b761387a1eb17b2dd7af23f99c0cdc34389386742095a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 17 Aug 2023 13:24:39 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1692278679882494
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 5
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1692278679882191
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 40ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=181466379399546&ev=Microdata&dl=https%3A%2F%2Fapp.payfunnels.com%2Fbusiness%2Finvalid&rl=https%3A%2F%2Fpayment.madcraft.co%2F&if=false&ts=1692278679780&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Invalid%20Business%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.123&r=stable&ec=1&o=30&fbp=fb.1.1692278678260.196425984&it=1692278678104&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 17 Aug 2023 13:24:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 / Show response
beacon-v2.helpscout.net/ 458 B
750 B 168ms
51ms Script
application/javascript 108.139.243.118

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/
Requested by: Host: app.payfunnels.com
URL: https://app.payfunnels.com/business/invalid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.118 , United States, ASN (),
Reverse DNS: server-108-139-243-118.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d03418fa43e1ad5d4168c8af9af2bd9b165410003186b568939ce94ff63345d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:22:51 GMT
content-encoding: gzip
via: 1.1 a9eaf6e9a69fa6a7e0ae6b0894db715a.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 326
last-modified: Tue, 25 Jul 2023 16:20:08 GMT
server: AmazonS3
etag: "4b0d67bdbfba9dd71df87faa9fdcdf88"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120, s-maxage=120, public
accept-ranges: bytes
x-amz-cf-id: XBFzM5-wO5f1cgTm0FTFFuq2PG5sPpfLs6ocHd59UN7gYr_j_QzxsA==

GET
H2 200 vendor.51111976.js Show response
beacon-v2.helpscout.net/static/js/ 63 KB
22 KB 57ms
56ms Script
application/javascript 108.139.243.118

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/vendor.51111976.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.118 , United States, ASN (),
Reverse DNS: server-108-139-243-118.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a69a0f8da52f401b953914ed46f36a66de2a61dfd54fe5f92b4d6585773c76a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 12:28:43 GMT
content-encoding: gzip
via: 1.1 a9eaf6e9a69fa6a7e0ae6b0894db715a.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 3358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22209
last-modified: Tue, 25 Jul 2023 16:20:08 GMT
server: AmazonS3
etag: "341cb1fe5323fabbbb2b06b250159329"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: de_Br1lf0Blz1FnfkifNk8rfM6mKAsrvwVkWSqMVAW0h0DKij9utMA==

GET
H2 200 main.ee6578e7.js Show response
beacon-v2.helpscout.net/static/js/ 25 KB
10 KB 67ms
66ms Script
application/javascript 108.139.243.118

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/main.ee6578e7.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.118 , United States, ASN (),
Reverse DNS: server-108-139-243-118.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 308ce825fa83afdbc32440a33de4fb18ef252cd4b52c5f6bba3ff05232eb03b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.payfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 12:28:42 GMT
content-encoding: gzip
via: 1.1 a9eaf6e9a69fa6a7e0ae6b0894db715a.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
age: 3358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9711
last-modified: Tue, 25 Jul 2023 16:20:08 GMT
server: AmazonS3
etag: "b0cc95357602ae3e0e1a0cb1b24a725d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: rNQR7JtHvod7Nd2RlWeCVXXjK7z2pwU4QiIPC47CykvEy4JahBuFVA==

OPTIONS
H2 200 71f690ac-50e9-4e13-9884-010eaf6798c6
d3hb14vkzrxvla.cloudfront.net/v1/ Frame 0
0 269ms
154ms Preflight 18.65.40.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/71f690ac-50e9-4e13-9884-010eaf6798c6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.40.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-40-12.ams1.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: beacon-device-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method: GET
Origin: https://app.payfunnels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods: GET
access-control-allow-origin: https://app.payfunnels.com
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length: 0
date: Thu, 17 Aug 2023 13:24:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
via: 1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
x-amz-cf-id: 2neGIDCCkQ0vfzsmgcG6DJ7_ujtSh8YusOo1AxrBeErlDfNKm2cbAw==
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
x-ratelimit-limit-attachments-hour: 10
x-ratelimit-limit-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-general-minute: 60
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-attachments-hour: 10
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-remaining-general-minute: 60
x-ratelimit-remaining-identify-hour: 25

GET
H2 200 71f690ac-50e9-4e13-9884-010eaf6798c6 Show response
d3hb14vkzrxvla.cloudfront.net/v1/ 6 KB
7 KB 148ms
147ms XHR
application/json 18.65.40.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/71f690ac-50e9-4e13-9884-010eaf6798c6

Requested by

Host: app.payfunnels.com
URL: https://app.payfunnels.com/polyfills-es2015.c8dbb24107db24327be7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.40.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-40-12.ams1.r.cloudfront.net

Software

Resource Hash

ab3d1398179c0baab03ccc2bfe9ed8ed817aac94f027923b2492c41d15b50b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

correlationId: 1ad86175-c5b7-459e-a7cc-7d240aeff760
Helpscout-Release: 2.2.105
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Accept: application/json, text/plain, */*
Beacon-Device-ID: 126e0fa2-8a13-4b1b-9c94-57097aeefbfd
Referer: https://app.payfunnels.com/
Helpscout-Origin: Beacon-Embed

Response headers

date: Thu, 17 Aug 2023 13:24:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
x-ratelimit-remaining-identify-hour: 25
x-ratelimit-limit-general-minute: 60
x-ratelimit-remaining-conversations-hour: 10
x-ratelimit-limit-identify-hour: 25
x-ratelimit-remaining-chat-tokens-hour: 25
x-ratelimit-limit-conversations-hour: 10
x-ratelimit-limit-attachments-hour: 10
vary: Origin,Access-Control-Request-Method
content-type: application/json
access-control-allow-origin: https://app.payfunnels.com
x-ratelimit-remaining-general-minute: 60
access-control-expose-headers: Resource-ID
cache-control: max-age=300
access-control-allow-credentials: true
x-ratelimit-remaining-attachments-hour: 10
x-amz-cf-id: vzoYNRr7aWxNLAlBM6Wtt94Jw7FHs5MysrBIUIMwm30ViZfkvcORzg==
x-ratelimit-limit-chat-tokens-hour: 25

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: m.stripe.com
URL: https://m.stripe.com/6

Domain: api3.payfunnels.com
URL: https://api3.payfunnels.com/graphql

Domain: api3.payfunnels.com
URL: https://api3.payfunnels.com/graphql

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EV8MTMZG81&gtm=45je38g0h2&_p=1286110229&cid=1298605852.1692278676&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=2&sid=1692278676&sct=1&seg=0&dl=https%3A%2F%2Fpayment.madcraft.co%2F&dt=Payfunnels&en=user_engagement&_et=1391

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.madcraft.co/	1970-01-20 22:50:14	Name: _hjSessionUser_1550729 Value: eyJpZCI6IjFjZTg0OWQ1LWMwNjItNWExMi1iN2I5LTZmOWE0MTk2NzcxOCIsImNyZWF0ZWQiOjE2OTIyNzg2NzY0ODUsImV4aXN0aW5nIjpmYWxzZX0=
.madcraft.co/	1970-01-20 14:04:40	Name: _hjFirstSeen Value: 1
.madcraft.co/	1970-01-20 14:04:38	Name: _hjIncludedInSessionSample_1550729 Value: 0
.madcraft.co/	1970-01-20 14:04:40	Name: _hjSession_1550729 Value: eyJpZCI6IjU3M2I4NWI0LWViY2MtNGI4NC04MTQ3LWUwODZjOWQ4MTkyOSIsImNyZWF0ZWQiOjE2OTIyNzg2NzY0OTEsImluU2FtcGxlIjpmYWxzZX0=
.madcraft.co/	1970-01-20 14:04:40	Name: _hjAbsoluteSessionInProgress Value: 0
.madcraft.co/	1970-01-20 23:40:38	Name: _ga Value: GA1.2.1298605852.1692278676
.madcraft.co/	1970-01-20 14:06:05	Name: _gid Value: GA1.2.900257925.1692278677
.madcraft.co/	1970-01-20 14:04:38	Name: _gat_gtag_UA_118123762_1 Value: 1
.madcraft.co/	1970-01-20 16:14:14	Name: _fbp Value: fb.1.1692278676542.1481631987
payment.madcraft.co/	1969-12-31 23:59:59	Name: sidenav-state Value: pinned
.madcraft.co/	1970-01-20 22:50:14	Name: mp_3e2d37d7f6305a3b532dce181f5f912f_mixpanel Value: %7B%22distinct_id%22%3A%20%2218a03ab5e39632-0c1da3bb161ba3-1436347e-1d4c00-18a03ab5e3abd%22%2C%22%24device_id%22%3A%20%2218a03ab5e39632-0c1da3bb161ba3-1436347e-1d4c00-18a03ab5e3abd%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.madcraft.co/	1970-01-20 23:32:36	Name: _hp2_id.1040244817 Value: %7B%22userId%22%3A%22870379432993176%22%2C%22pageviewId%22%3A%221402243951209547%22%2C%22sessionId%22%3A%22397819660118167%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.madcraft.co/	1970-01-20 14:04:40	Name: _hp2_ses_props.1040244817 Value: %7B%22ts%22%3A1692278677314%2C%22d%22%3A%22payment.madcraft.co%22%2C%22h%22%3A%22%2F%22%7D
.madcraft.co/	1970-01-20 23:40:38	Name: _ga_EV8MTMZG81 Value: GS1.1.1692278676.1.0.1692278677.59.0.0
.payfunnels.com/	1970-01-20 14:06:05	Name: _gid Value: GA1.2.373879204.1692278678
.payfunnels.com/	1970-01-20 14:04:38	Name: _gat_gtag_UA_118123762_1 Value: 1
.payfunnels.com/	1970-01-20 22:50:14	Name: _hjSessionUser_1550729 Value: eyJpZCI6IjhlMjNlMjZjLWI2MWMtNWRiNS05YmM0LTZhZDJiMzc4OTAyZSIsImNyZWF0ZWQiOjE2OTIyNzg2NzgyMzYsImV4aXN0aW5nIjpmYWxzZX0=
.payfunnels.com/	1970-01-20 14:04:40	Name: _hjFirstSeen Value: 1
.payfunnels.com/	1970-01-20 14:04:38	Name: _hjIncludedInSessionSample_1550729 Value: 0
.payfunnels.com/	1970-01-20 14:04:40	Name: _hjSession_1550729 Value: eyJpZCI6IjE0ZjI3OTkxLTZkMjYtNDA5OS05MDNlLWQwYmRiMWI3NWI5YyIsImNyZWF0ZWQiOjE2OTIyNzg2NzgyMzgsImluU2FtcGxlIjpmYWxzZX0=
.payfunnels.com/	1970-01-20 14:04:40	Name: _hjAbsoluteSessionInProgress Value: 1
.payfunnels.com/	1970-01-20 16:14:14	Name: _fbp Value: fb.1.1692278678260.196425984
.payfunnels.com/	1970-01-20 23:40:38	Name: _ga_EV8MTMZG81 Value: GS1.1.1692278678.1.0.1692278678.60.0.0
.payfunnels.com/	1970-01-20 23:40:38	Name: _ga Value: GA1.1.998518668.1692278678
app.payfunnels.com/	1969-12-31 23:59:59	Name: sidenav-state Value: pinned
.payfunnels.com/	1970-01-20 22:50:14	Name: mp_3e2d37d7f6305a3b532dce181f5f912f_mixpanel Value: %7B%22distinct_id%22%3A%20%2218a03ab67561-0ca5b8209c3a6f-1436347e-1d4c00-18a03ab67571502%22%2C%22%24device_id%22%3A%20%2218a03ab67561-0ca5b8209c3a6f-1436347e-1d4c00-18a03ab67571502%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fpayment.madcraft.co%2F%22%2C%22%24initial_referring_domain%22%3A%20%22payment.madcraft.co%22%7D
.payfunnels.com/	1970-01-20 23:32:36	Name: _hp2_id.1040244817 Value: %7B%22userId%22%3A%223569365410388536%22%2C%22pageviewId%22%3A%226265290539234915%22%2C%22sessionId%22%3A%228433466304469843%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.payfunnels.com/	1970-01-20 14:04:40	Name: _hp2_ses_props.1040244817 Value: %7B%22r%22%3A%22https%3A%2F%2Fpayment.madcraft.co%2F%22%2C%22ts%22%3A1692278679651%2C%22d%22%3A%22app.payfunnels.com%22%2C%22h%22%3A%22%2Fbusiness%2Finvalid%22%7D
m.stripe.com/	1970-01-20 23:40:38	Name: m Value: 8970e838-6a4e-4515-92c6-ebbd11986ddd93de06
.app.payfunnels.com/	1970-01-20 22:50:14	Name: __stripe_mid Value: 5029f538-6c8a-4109-b7d8-dba8a198fb756c9bb9
.app.payfunnels.com/	1970-01-20 14:04:40	Name: __stripe_sid Value: 99dfd724-dcd0-4cac-b725-774ed8206ae4fdeafe

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://api3.payfunnels.com/status Message: Failed to load resource: the server responded with a status of 400 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api3.payfunnels.com
app.payfunnels.com
beacon-v2.helpscout.net
beta.affiliatehunt.com
cdn.heapanalytics.com
connect.facebook.net
d3hb14vkzrxvla.cloudfront.net
fonts.gstatic.com
heapanalytics.com
js.stripe.com
m.stripe.com
m.stripe.network
payment.madcraft.co
q.stripe.com
region1.analytics.google.com
script.hotjar.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
api3.payfunnels.com
m.stripe.com
q.stripe.com
region1.analytics.google.com
108.139.243.118
151.101.128.176
18.239.94.54
18.65.40.12
2001:4860:4802:34::36
2606:4700:20::681a:631
2606:4700:20::681a:731
2606:4700:3035::6815:3ff8
2606:4700::6812:bcf
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2004
2a00:1450:4001:831::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c09::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.221.242.7
34.214.57.8
52.222.139.116
52.222.139.20
52.222.236.63
54.187.159.182
03f4615e097f071ab3ff7029dea97983dd953faa61bd00e3323464263c82a62c
07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7
158589b741eac0343f21e5729a7cac29619c17c33f614d75123c4036692b994b
15f83320d16ebe790af610667b9002f58e64cb690f82b2c3ffc8ee4dce6ece6f
1edd44d50865a60bdb1776a7975832e742908364a00ed096829dfe0a721426fa
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2d03418fa43e1ad5d4168c8af9af2bd9b165410003186b568939ce94ff63345d
3047cfc1cad20d75bd3aa6bcfd5ca1780fa08a0cb31a7c7dafa53ceee3102330
308ce825fa83afdbc32440a33de4fb18ef252cd4b52c5f6bba3ff05232eb03b3
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
38071680da51f56355d3b3c381e4b4460f73e05254bc96b3b9b067b1529a8498
3eb875a8a1a147b53fc0f6cb771f4fd0e5f7925a684eb06da802058e60b08981
45a66a05249a9a90553e6173c2b862904c26c181a906ff76408b39c3ba7eb572
5035cb665b9038eef07c807e545949be2403367225344bf50fe4fba4344edcc5
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
56e90108042910b01c6af7f1e6dcf39fa7ac27f009f1a906b216329afce6824d
58d9285756ad5e2d21da3cf301f8b24f776943e9533e6e0c3cacc99ac67aceba
5ec654dc81257435ad0fff25354b6e6a8d1f1d89f59ec84a35aabf1443fde262
6112595639115f76e0699c38fad9e1a178039ea1b2f6be9585d172b5caa2e824
638d8f89c62db28816070f6cfeab42c56af20793df821b97ab7cc11f0c911994
6a69a0f8da52f401b953914ed46f36a66de2a61dfd54fe5f92b4d6585773c76a
6b0c3df2ec70598d9e7e93b333ceed37591f967d09383524a6c022568df5f2a9
6ca5ab1d8bee60e5fded61e2d6294f75084335e90241d5fbe58b7dbdb43f0b82
6eee0f8b3874d287350832dd36e27cbc97cdf7e5c42885b8e446cdc8bffb52c0
78a18c45d5c98f8ca5a5016d8227ee8a73a4be68b404a0041d9cb969168048b6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79e7fbd5d0b34f39e8bfd47407c23add8a32a7767fc19c76921a353ee7e8e2b8
7a919078c2bef512bba7d50ee6751345b695ccf15a771ea16e053b0f207bc729
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8a3192f3f16869398df53fc9af56a2957cf47ce441fc8c2d0707581e4153c690
905f7246ebb1d5a1715fb7b821447feb1077f3e3fd073948fea7f2d7a4f62f3f
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
96c06e0f3a70ec3682fa8ce8881f775844a3ef9bd10afc109fc0cbb087d4f394
99617f56dcb44f5ed721eb02838cf5c5b3c15848a9e932128b8f5d7a934211c2
9a0f4d20aac186dc5e3ef73d280ac6218b005c6fb3dbe006ec7eab3b9960b3aa
ab3d1398179c0baab03ccc2bfe9ed8ed817aac94f027923b2492c41d15b50b0a
b392a311ade87f6677ee4df882a95e0ef9b1e3ff868fe9bd20b79e7e4bfba44d
b4a63daa62aa8722af18d3282c85f39e09dcae69668c2f404da4e4d6cca70511
b5dea84e756cfefab9189df664d99eb3c805341b389f6721c9a8b7cd810e955e
b76eb0fb853247a10ef2d06dd156815be1d8ae1d5e6fc23db338968e133006ef
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd92321465f57e0269b761387a1eb17b2dd7af23f99c0cdc34389386742095a8
d2a4bb0e2e8a59f48fe6b261745572f4eb5bea388757f67e538f712e43d0073d
dce0d7ca04dab71f2a8dd85843db714d8dee6dd34242b91112e35f40f250822a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a162cb53d79e0ee3a6d020bc72c80cde5644ffbeb9913b96c3c4833a4a65d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef92dc434f10920d2469d029074986260f78a959d16da77404097898f2a251de
f1913f84aecbd9bc98ce6ac1fabd58e8be8f885d790b92200feb5015ae43e48c
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

app.payfunnels.com Open in urlscan Pro 2606:4700:20::681a:631 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

93 %HTTPS

58 %IPv6

19 Domains

26 Subdomains

25 IPs

3 Countries

6029 kBTransfer

20980 kBSize

31 Cookies

0 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.payfunnels.com Open in urlscan Pro
2606:4700:20::681a:631 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

93 %
HTTPS

58 %
IPv6

19
Domains

26
Subdomains

25
IPs

3
Countries

6029 kB
Transfer

20980 kB
Size

31
Cookies

106 HTTP transactions
0 data transactions