ootpdevelopments.onfastspring.com Open in urlscan Pro
44.217.222.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ootpdevelopments.onfastspring.com/
Effective URL:
https://ootpdevelopments.onfastspring.com/
Submission: On December 05 via api (December 5th 2023, 1:17:36 am UTC) from US — Scanned from DE

Summary HTTP 59 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 16 domains to perform 59 HTTP transactions. The main IP is 44.217.222.134, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ootpdevelopments.onfastspring.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 14th 2022. Valid for: a year.

This is the only time ootpdevelopments.onfastspring.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	44.217.222.134 44.217.222.134	14618 (AMAZON-AES) (AMAZON-AES)
6	18.154.71.153 18.154.71.153	16509 (AMAZON-02) (AMAZON-02)
6	108.138.2.26 108.138.2.26	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	18.173.226.10 18.173.226.10	16509 (AMAZON-02) (AMAZON-02)
13	18.66.242.195 18.66.242.195	16509 (AMAZON-02) (AMAZON-02)
2	63.33.186.64 63.33.186.64	16509 (AMAZON-02) (AMAZON-02)
2	35.190.35.221 35.190.35.221	15169 (GOOGLE) (GOOGLE)
1	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	35.184.35.160 35.184.35.160	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.242.115 18.66.242.115	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	44.214.164.195 44.214.164.195	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.24.1.210 52.24.1.210	16509 (AMAZON-02) (AMAZON-02)
59	22

2 44.217.222.134 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-222-134.compute-1.amazonaws.com

ootpdevelopments.onfastspring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.154.71.153 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-71-153.dus51.r.cloudfront.net

d1f8f9xcsvx3ha.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.2.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-26.fra56.r.cloudfront.net

d37uz57cydkqly.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.226.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-226-10.dus51.r.cloudfront.net

dcnz2rrcot657.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.66.242.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-195.dus51.r.cloudfront.net

d8y8nchqlnmka.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.186.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

seal.digicert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.35.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.35.190.35.bc.googleusercontent.com

web-sdk.aptrinsic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.184.35.160 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.35.184.35.bc.googleusercontent.com

esp.aptrinsic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.242.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-115.dus51.r.cloudfront.net

d2kl989519khzp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.214.164.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-164-195.compute-1.amazonaws.com

fastspringresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.24.1.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-1-210.us-west-2.compute.amazonaws.com

logs-01.loggly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	cloudfront.net d1f8f9xcsvx3ha.cloudfront.net d37uz57cydkqly.cloudfront.net dcnz2rrcot657.cloudfront.net d8y8nchqlnmka.cloudfront.net d2kl989519khzp.cloudfront.net	1 MB
13	aptrinsic.com web-sdk.aptrinsic.com — Cisco Umbrella Rank: 5247 esp.aptrinsic.com — Cisco Umbrella Rank: 2777	220 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 ssl.google-analytics.com — Cisco Umbrella Rank: 587	58 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	6 KB
2	digicert.com seal.digicert.com — Cisco Umbrella Rank: 9636	7 KB
2	onfastspring.com 1 redirects ootpdevelopments.onfastspring.com	62 KB
1	loggly.com logs-01.loggly.com — Cisco Umbrella Rank: 11389
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	google.de www.google.de — Cisco Umbrella Rank: 6765	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 3155	13 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	70 KB
1	fastspringresources.com fastspringresources.com — Cisco Umbrella Rank: 643082	27 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	51 KB
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 830	137 KB
59	16

	Domain	Requested by
13	d8y8nchqlnmka.cloudfront.net	ootpdevelopments.onfastspring.com
11	esp.aptrinsic.com	web-sdk.aptrinsic.com
6	d37uz57cydkqly.cloudfront.net	ootpdevelopments.onfastspring.com
6	d1f8f9xcsvx3ha.cloudfront.net	ootpdevelopments.onfastspring.com d1f8f9xcsvx3ha.cloudfront.net d2kl989519khzp.cloudfront.net
2	connect.facebook.net	ootpdevelopments.onfastspring.com connect.facebook.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com
2	web-sdk.aptrinsic.com	d37uz57cydkqly.cloudfront.net web-sdk.aptrinsic.com
2	seal.digicert.com	d37uz57cydkqly.cloudfront.net
2	www.google-analytics.com	d1f8f9xcsvx3ha.cloudfront.net www.googletagmanager.com
2	ootpdevelopments.onfastspring.com	1 redirects
1	logs-01.loggly.com
1	www.facebook.com
1	www.google.de
1	www.google.com
1	d.impactradius-event.com	ootpdevelopments.onfastspring.com
1	ssl.google-analytics.com	ootpdevelopments.onfastspring.com
1	www.googletagmanager.com	d2kl989519khzp.cloudfront.net
1	fastspringresources.com	d2kl989519khzp.cloudfront.net
1	pagead2.googlesyndication.com	d2kl989519khzp.cloudfront.net
1	d2kl989519khzp.cloudfront.net	d1f8f9xcsvx3ha.cloudfront.net
1	cdn.pendo.io	d37uz57cydkqly.cloudfront.net
1	dcnz2rrcot657.cloudfront.net	ootpdevelopments.onfastspring.com
59	22

This site contains links to these domains. Also see Links.

Domain
fastspring.com
www.fastspring.com
www.ootpdevelopments.com

Subject Issuer	Validity	Valid
onfastspring.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-14` - `2024-01-10`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
seal.digicert.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-06-05`	a year	crt.sh
*.aptrinsic.com GeoTrust RSA CA 2018	`2023-03-01` - `2024-03-31`	a year	crt.sh
cdn.pendo.io GTS CA 1D4	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.fastspringresources.com Amazon RSA 2048 M02	`2023-01-31` - `2024-02-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-13` - `2023-12-12`	3 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2024-01-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
logs-01.loggly.com Starfield Secure Certificate Authority - G2	`2023-03-25` - `2024-04-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://ootpdevelopments.onfastspring.com/
Frame ID: 1B260ACD12317A84207BD461CE2EC9F2
Requests: 43 HTTP requests in this frame

Frame: https://d2kl989519khzp.cloudfront.net/ootpdevelopments/?_ga=2.95296668.1672058190.1701739051-2126972456.1701739051&sid=new%2F63EqXXpSTS2qWes6Qn7xVA
Frame ID: AA553EACBC04356D0B08D801A563A9CA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: 07A9339A1FBCB3B9C357BD9944063084
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OOTP Developments Web Store

Page URL History Show full URLs

http://ootpdevelopments.onfastspring.com/ HTTP 301
https://ootpdevelopments.onfastspring.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Page Statistics

59
Requests

100 %
HTTPS

41 %
IPv6

16
Domains

22
Subdomains

22
IPs

3
Countries

2244 kB
Transfer

4179 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://fastspring.com/fastspring-terms-sale-germany/
Title: AGB

Search URL Search Domain Scan URL

URL: https://fastspring.com/fastspring-privacy-policy-germany/
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: http://www.fastspring.com/purchasing-through-fastspring.php?utm_source=Store&utm_medium=Purchasing_Through_FastSpring&utm_content=Foundation&utm_campaign=Store_Traffic
Title: FastSpring

Search URL Search Domain Scan URL

URL: https://www.ootpdevelopments.com/
Title: OOTP Developments Website

Search URL Search Domain Scan URL

URL: https://www.ootpdevelopments.com/data-protection/
Title: OOTP Developments Data Protection and Privacy Statement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ootpdevelopments.onfastspring.com/ HTTP 301
https://ootpdevelopments.onfastspring.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ootpdevelopments.onfastspring.com/
Redirect Chain

http://ootpdevelopments.onfastspring.com/
https://ootpdevelopments.onfastspring.com/

256 KB
62 KB

1351ms
1147ms

Document
text/html

44.217.222.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ootpdevelopments.onfastspring.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.217.222.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-217-222-134.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6c4a1d42b69d37ea259601b42383c7179433ed86ada96064f0b15ea43a15256a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' logger.fastspring.com apis.fastspring.com .pendo.io .aptrinsic.com https://pendo-static-5711234847211520.storage.googleapis.com .sift.com https://hexagon-analytics.com .fastspring.com; script-src https://ajax.googleapis.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://d1f8f9xcsvx3ha.cloudfront.net .pendo.io .aptrinsic.com .sift.com https://hexagon-analytics.com .fastspring.com https://d37uz57cydkqly.cloudfront.net https://seal.websecurity.norton.com https://seal.digicert.com; img-src https://dcnz2rrcot657.cloudfront.net https://www.google-analytics.com https://d230f6bx2wm7w3.cloudfront.net .pendo.io https://storage.google.com .sift.com https://hexagon-analytics.com .fastspring.com https://d8y8nchqlnmka.cloudfront.net https://d37uz57cydkqly.cloudfront.net https://seal.websecurity.norton.com https://seal.digicert.com; font-src https://cdnjs.cloudflare.com https://d1f8f9xcsvx3ha.cloudfront.net https://d37uz57cydkqly.cloudfront.net; style-src https://cdnjs.cloudflare.com https://d1f8f9xcsvx3ha.cloudfront.net .pendo.io .aptrinsic.com 'unsafe-inline' .sift.com https://hexagon-analytics.com .fastspring.com https://d37uz57cydkqly.cloudfront.net; frame-src ; sandbox allow-downloads allow-scripts allow-forms allow-same-origin allow-top-navigation allow-popups allow-popups-to-escape-sandbox; child-src *; frame-ancestors 'self';
Strict-Transport-Security	max-age=631138519
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform
content-encoding: gzip
content-security-policy: default-src 'none'; connect-src 'self' logger.fastspring.com apis.fastspring.com *.pendo.io *.aptrinsic.com https://pendo-static-5711234847211520.storage.googleapis.com *.sift.com https://hexagon-analytics.com *.fastspring.com; script-src https://ajax.googleapis.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://d1f8f9xcsvx3ha.cloudfront.net *.pendo.io *.aptrinsic.com *.sift.com https://hexagon-analytics.com *.fastspring.com https://d37uz57cydkqly.cloudfront.net https://seal.websecurity.norton.com https://seal.digicert.com; img-src https://dcnz2rrcot657.cloudfront.net https://www.google-analytics.com https://d230f6bx2wm7w3.cloudfront.net *.pendo.io https://storage.google.com *.sift.com https://hexagon-analytics.com *.fastspring.com https://d8y8nchqlnmka.cloudfront.net https://d37uz57cydkqly.cloudfront.net https://seal.websecurity.norton.com https://seal.digicert.com; font-src https://cdnjs.cloudflare.com https://d1f8f9xcsvx3ha.cloudfront.net https://d37uz57cydkqly.cloudfront.net; style-src https://cdnjs.cloudflare.com https://d1f8f9xcsvx3ha.cloudfront.net *.pendo.io *.aptrinsic.com 'unsafe-inline' *.sift.com https://hexagon-analytics.com *.fastspring.com https://d37uz57cydkqly.cloudfront.net; frame-src *; sandbox allow-downloads allow-scripts allow-forms allow-same-origin allow-top-navigation allow-popups allow-popups-to-escape-sandbox; child-src *; frame-ancestors 'self';
content-type: text/html
date: Tue, 05 Dec 2023 01:17:30 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Tue, 05 Dec 2023 01:17:29 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=631138519
vary: Accept-Encoding Accept-Encoding
x-frame-options: SAMEORIGIN
x-fs-trace: FSALW2GGYKMNEGBBTJYSCC2YJY4U;Root=1-656e7a29-5f316b533fd3f7be33aa7289
x-robots-tag: noindex, nofollow, noarchive noindex, nofollow, noarchive
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Tue, 05 Dec 2023 01:17:29 GMT
Location: https://ootpdevelopments.onfastspring.com:443/
Server: awselb/2.0

GET
H2 200 common.min.css
d1f8f9xcsvx3ha.cloudfront.net/themes/css/0/css/ 128 KB
21 KB 47ms
10ms Stylesheet
text/css 18.154.71.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1f8f9xcsvx3ha.cloudfront.net/themes/css/0/css/common.min.css
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.71.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-71-153.dus51.r.cloudfront.net
Software: GitHub.com /
Resource Hash: 254587ad0451738f71112e86cc09eec6f6e6615488a1b0bcad7a523f804029fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-fastly-request-id: 2c88070069906450b1df7c2bd3dba63e329e968a
date: Sun, 12 Nov 2023 15:38:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 de6f29922e4f6a0a826069fcec45fde6.cloudfront.net (CloudFront)
expires: Sun, 12 Nov 2023 11:49:42 GMT
x-amz-cf-pop: DUS51-P4
age: 1935586
x-cache: Hit from cloudfront
x-cache-hits: 0
content-length: 20404
x-served-by: cache-fra-etou8220040-FRA
last-modified: Thu, 28 Sep 2023 19:31:02 GMT
server: GitHub.com
x-github-request-id: B82E:11D51:235A625:246609F:651A02C4
x-timer: S1696203461.840109,VS0,VE88
etag: W/"6515d476-1ffda"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: 6NPmosZwdUf7mmPVVl_qJqjmf4nY88Kp4eA_PTnArDHsNNC_RzgtMQ==
x-proxy-cache: MISS

GET
H2 200 ng-csp.gz.css
d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/ 223 B
596 B 458ms
410ms Stylesheet
text/css 108.138.2.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/ng-csp.gz.css
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bab66971b9ea7dbd85d83c3e3955b755cb659814e29ed2a0ad8dd3496f99c0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:17:32 GMT
content-encoding: gzip
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 167
last-modified: Thu, 09 Nov 2023 04:06:36 GMT
server: AmazonS3
etag: "b0b5b6c889aef0d46d3356f4656034f8"
vary: Origin
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: ostKTUqxk0DRbNGQl9-ZRNPeqgjNSnpRcNaNNso-KquKXPkMnLz-Qw==

GET
H2 200 common.gz.css
d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/ 38 KB
8 KB 60ms
12ms Stylesheet
text/css 108.138.2.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/common.gz.css
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f4a7528981ab7f92a49e73c83576ffbbf18eb84c6f64c0ec1975394601e0017

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:00:15 GMT
content-encoding: gzip
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 19036
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8095
last-modified: Thu, 09 Nov 2023 04:06:36 GMT
server: AmazonS3
etag: "39c38c79b46ac7e1cca9dfb817b54b5d"
vary: Origin
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 51zZQUlZCEPfvxraK1g_cp35X_aP38YeSGO-F1EaCrhlCUnOkFeaZw==

GET
H2 200 core.js Show response
d1f8f9xcsvx3ha.cloudfront.net/themes/core/8/ 1 KB
1 KB 10ms
10ms Script
application/javascript 18.154.71.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1f8f9xcsvx3ha.cloudfront.net/themes/core/8/core.js
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.71.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-71-153.dus51.r.cloudfront.net
Software: GitHub.com /
Resource Hash: 9cf11fdcc6997f33d04e221a698fd0b223eadb5c18bc85d943937904c722f0b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-fastly-request-id: f5f9f456153761362035cc7accbd24432bd2e9fe
date: Sat, 11 Nov 2023 12:43:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 de6f29922e4f6a0a826069fcec45fde6.cloudfront.net (CloudFront)
x-proxy-cache: MISS
x-amz-cf-pop: DUS51-P4
age: 3371324
x-cache: Hit from cloudfront
x-cache-hits: 0
content-length: 492
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Thu, 28 Sep 2023 19:31:02 GMT
server: GitHub.com
x-github-request-id: 46DA:5758:2C9A37D:2DE1DD4:65188866
x-timer: S1696106600.160110,VS0,VE101
etag: W/"6515d476-4ee"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: TUvaht5NchEtAB_sX49H0xZ-WnO8-zqdFwL5bwY168S8umEc8z0qbg==
expires: Thu, 26 Oct 2023 22:58:40 GMT

GET
H2 200 framework.js Show response
d1f8f9xcsvx3ha.cloudfront.net/themes/framework/2/ 203 KB
67 KB 11ms
10ms Script
application/javascript 18.154.71.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1f8f9xcsvx3ha.cloudfront.net/themes/framework/2/framework.js
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.71.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-71-153.dus51.r.cloudfront.net
Software: GitHub.com /
Resource Hash: d1b239262c9f049195399a88e98b5c2b43772ea7dde3c3e8aadee1a812e730ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-fastly-request-id: 737df4407c28807b9d3ef4819ec0f9ddddf2e32a
date: Thu, 23 Nov 2023 15:53:28 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 de6f29922e4f6a0a826069fcec45fde6.cloudfront.net (CloudFront)
expires: Thu, 23 Nov 2023 16:03:28 GMT
x-amz-cf-pop: DUS51-P4
age: 984242
x-cache: Hit from cloudfront
x-proxy-cache: MISS
content-length: 67517
x-served-by: cache-fra-eddf8230047-FRA
last-modified: Tue, 21 Nov 2023 21:06:40 GMT
server: GitHub.com
x-github-request-id: 7970:F84C:2605F6B:2692265:655F7578
x-timer: S1700754809.821277,VS0,VE111
etag: W/"655d1be0-32a62"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: n5uZPZFcY6JKFxpWR0AalVwgREAV2caSV95ExAB1dDu2B5-Uh_a23w==
x-cache-hits: 0

GET
H2 200 foundation.checkout.gz.js Show response
d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/js/ 177 KB
36 KB 11ms
11ms Script
application/javascript 108.138.2.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/js/foundation.checkout.gz.js
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1a7c62d1e7e740cdee8d0805ca7ecd1cc98e0b2bbc50b0ae2e8c5b990235723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:00:15 GMT
content-encoding: gzip
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 19036
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 36411
last-modified: Thu, 09 Nov 2023 04:06:35 GMT
server: AmazonS3
etag: "6ef51bf62189b24fc557d93b95b6f66d"
vary: Origin
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: TQ_fkcs5ff8FEAZrB__9serca8SpuUli7nrObxcuwKx27vL9caEH7g==

GET
H2 200 common.gz.js Show response
d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/js/ 26 KB
8 KB 11ms
11ms Script
application/javascript 108.138.2.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/js/common.gz.js
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82cae0ecdbfe1a8f3c378fbc77e1626ed24df8849d4335b591b0f0296ab957ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:00:15 GMT
content-encoding: gzip
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 19036
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7448
last-modified: Thu, 09 Nov 2023 04:06:35 GMT
server: AmazonS3
etag: "1c94bd7a10e90a635b6f9c271e99d19d"
vary: Origin
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: akoA51VfiqSN4cfHURCEYOXDwPM7ptBjY9d8W7frA6KV6RbaDEqV9A==

GET
H2 200 sandbox.js Show response
d1f8f9xcsvx3ha.cloudfront.net/themes/sandbox/8/ 10 KB
4 KB 9ms
9ms Script
application/javascript 18.154.71.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1f8f9xcsvx3ha.cloudfront.net/themes/sandbox/8/sandbox.js
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.71.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-71-153.dus51.r.cloudfront.net
Software: GitHub.com /
Resource Hash: 687ceb1e0645a98b5ad3b042d2292c94f9f6c54ce77803ac30e9db57f7de6fa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-fastly-request-id: 9e39a0ca1aba1a62376a30db26c137f35bbe341b
date: Sat, 11 Nov 2023 17:07:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 de6f29922e4f6a0a826069fcec45fde6.cloudfront.net (CloudFront)
expires: Sat, 11 Nov 2023 17:17:08 GMT
x-amz-cf-pop: DUS51-P4
age: 2016622
x-cache: Hit from cloudfront
x-cache-hits: 0
content-length: 3191
x-served-by: cache-fra-etou8220068-FRA
last-modified: Thu, 28 Sep 2023 19:31:02 GMT
server: GitHub.com
x-github-request-id: 1C08:11D51:1A0755F:1AC9BBE:6518C63A
x-timer: S1696122427.983086,VS0,VE100
etag: W/"6515d476-26cc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: dpvpGfzFr1MobsYpGHIhEcCvJDsEC9nhphRczTIRflVFChQvJQHiOQ==
x-proxy-cache: MISS

GET
H2 200 glyphicons-halflings-regular.woff
d1f8f9xcsvx3ha.cloudfront.net/themes/css/0/fonts/ 23 KB
23 KB 30ms
11ms Font
font/woff 18.154.71.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1f8f9xcsvx3ha.cloudfront.net/themes/css/0/fonts/glyphicons-halflings-regular.woff
Requested by: Host: d1f8f9xcsvx3ha.cloudfront.net
URL: https://d1f8f9xcsvx3ha.cloudfront.net/themes/css/0/css/common.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.71.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-71-153.dus51.r.cloudfront.net
Software: GitHub.com /
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Referer: https://d1f8f9xcsvx3ha.cloudfront.net/themes/css/0/css/common.min.css
Origin: https://ootpdevelopments.onfastspring.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-fastly-request-id: eb95925ef9164470c0b86710db7c556138372295
date: Thu, 16 Nov 2023 13:28:45 GMT
via: 1.1 varnish, 1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
expires: Tue, 14 Nov 2023 01:50:04 GMT
x-amz-cf-pop: DUS51-P4
age: 1597726
x-cache: Hit from cloudfront
x-proxy-cache: MISS
content-length: 23320
x-served-by: cache-fra-etou8220038-FRA
last-modified: Tue, 14 Nov 2023 01:22:07 GMT
server: GitHub.com
x-github-request-id: 29DC:38A2:108E1A4:10CCF4F:6552CFF3
x-timer: S1700141325.297408,VS0,VE35
etag: "6552cbbf-5b18"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: xCWLgonCaJMcOC_WCicMpjA4jdDOcu8MqbyDqXmTKjKxv9Jv0XUH8w==
x-cache-hits: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 164ms
54ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d1f8f9xcsvx3ha.cloudfront.net
URL: https://d1f8f9xcsvx3ha.cloudfront.net/themes/sandbox/8/sandbox.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 23:22:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6898
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Dec 2023 01:22:33 GMT

GET
H3 200 fastspring.checkout@2x.png
d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/ 6 KB
6 KB 21ms
20ms Image
image/png 108.138.2.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/fastspring.checkout@2x.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.2.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ebe63fddb384143c635c3d05a02d1746cc21146db90beb53d510eb9bbe7715f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:00:16 GMT
via: 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 19036
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5944
last-modified: Thu, 09 Nov 2023 04:06:35 GMT
server: AmazonS3
etag: "67a49f740d16c55ea907dd4a2b3192ed"
vary: Origin
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: du_ye5TY4238zNXqdoE8ZAweDZwjenY9gzttiVwc5ti7Jy54CIMQow==

GET
H3 200 fastspring-logo-color.png
d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/ 9 KB
9 KB 22ms
22ms Image
image/png 108.138.2.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/fastspring-logo-color.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.2.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 708985cc1002be6aa2aa74f22866fa044c7b47969192a066c2a19f4200231d1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:00:16 GMT
via: 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 19036
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 9115
last-modified: Thu, 09 Nov 2023 04:06:35 GMT
server: AmazonS3
etag: "49d8443bddd3847c942e18a709726d25"
vary: Origin
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: sPzLa39Be0_om1QC2FyIAp0sPtzB3HffVRkIw4YNef2d7kWCUcK6LQ==

GET
H/1.1 200
OK DE.png
dcnz2rrcot657.cloudfront.net/country/shiny/24/ 509 B
971 B 56ms
10ms Image
image/png 18.173.226.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcnz2rrcot657.cloudfront.net/country/shiny/24/DE.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.226.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-226-10.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 802a3cb7595f14f16c36837989c3891dec2b38166b5a75bfdb2fde7c4ab09a4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 06:59:23 GMT
Via: 1.1 3443ce37a27adb41a5fef8dd3320a218.cloudfront.net (CloudFront)
Last-Modified: Sat, 10 May 2014 20:59:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P3
Age: 65966
ETag: "32aa0ed70771af8bc8da3ca5f1cf8bd1"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 509
X-Amz-Cf-Id: 6SUO_vaFw2r4TNPwcXa2DfUj8fMx4W1R_md5nJu9BXlv546eyWanWA==

GET
H/1.1 200
OK fastspring_256x256.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/HufpHJhLTuk/ 71 KB
72 KB 67ms
10ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/HufpHJhLTuk/fastspring_256x256.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 952a6d3c38e43e3cd4152518ee680bf0b5571f581623876931d663b06e3309bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 09:34:10 GMT
Via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
Age: 3944601
x-amz-server-side-encryption: AES256
x-amz-meta-width: 256
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-height: 256
Content-Length: 72893
Last-Modified: Wed, 08 Feb 2023 10:47:47 GMT
Server: AmazonS3
ETag: "cc17bf88d806fa2c6c4e17ec91fafb9d"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: ZkulnuJ2_MtNvj9r3YEUhbFzcnWhoQpurMqusofWIIRzxVaoBBDEXw==

GET
H/1.1 200
OK fastspring_256x256_steam.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/I-89sdC-RdQ/ 70 KB
71 KB 67ms
11ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/I-89sdC-RdQ/fastspring_256x256_steam.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e48f9a8e3d60e87a88ca3030aa3f84df87cc537ac2adcf88f43ed863237a7ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 06:13:01 GMT
Via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
Age: 5511870
x-amz-server-side-encryption: AES256
x-amz-meta-width: 256
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-height: 256
Content-Length: 71707
Last-Modified: Wed, 08 Feb 2023 11:07:48 GMT
Server: AmazonS3
ETag: "afc30b181f2d661cac5ab2886179a1c9"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: C9hNLmkJgwBlV6tjgFqDZ1Om6ds-Dc1up1eZoC8_ZuYK_ruJizUjeQ==

GET
H/1.1 200
OK 110002_300x300.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/_f1G67q_RFg/ 86 KB
87 KB 537ms
481ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/_f1G67q_RFg/110002_300x300.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c35636ccf64a9dc24d2b725283c15e665205f16d722593848d3a4bfd1020bfa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:32 GMT
Via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
X-Cache: Miss from cloudfront
Connection: keep-alive
x-amz-meta-height: 300
Content-Length: 88500
Last-Modified: Wed, 08 Feb 2023 14:53:59 GMT
Server: AmazonS3
ETag: "ad95f355f1ec1f83c56262389e1a30a4"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: -0_ON-u-NYFKKdGORmAl8vEJsPh4dL6LLtfps8yx3kE8YrvktC3H7Q==

GET
H/1.1 200
OK 110003_300x300.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/eNpsY-hBSe8/ 101 KB
102 KB 637ms
581ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/eNpsY-hBSe8/110003_300x300.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17f797e9e61bb2b77b05e1394a1ca68edc190ed7bd6d066d1b6ba71e11248bab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:32 GMT
Via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
X-Cache: Miss from cloudfront
Connection: keep-alive
x-amz-meta-height: 300
Content-Length: 103660
Last-Modified: Wed, 08 Feb 2023 15:22:24 GMT
Server: AmazonS3
ETag: "784292f28b498ed1a7e6f38582daafdc"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: 4HNUyuMzmBzDZOqpYihPu6On07vQ8_alvWyMK__2xIf4-56WjsYiCQ==

GET
H/1.1 200
OK 110004_300x300.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/iIWtt8ntQIQ/ 112 KB
113 KB 556ms
500ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/iIWtt8ntQIQ/110004_300x300.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ecf4b4d048333f5c66646605bad2e3c5bf1ae254d23900982c45f446b66d6d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:32 GMT
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
X-Cache: Miss from cloudfront
Connection: keep-alive
x-amz-meta-height: 300
Content-Length: 115036
Last-Modified: Wed, 08 Feb 2023 15:24:41 GMT
Server: AmazonS3
ETag: "cc91fc64004fa39a97f53fd0ec502cf9"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: _WlsHFQvbMMLTqHgHKGYNFJTLIXXALFQB6IOP9uDErPRZEx5FwlbVQ==

GET
H/1.1 200
OK 110005_300x300.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/zdzhONeSSBY/ 109 KB
109 KB 580ms
524ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/zdzhONeSSBY/110005_300x300.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da47828a0685192697dae5e3ad68537e3e108aeabf6e1e85aac0467ad6130b22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:32 GMT
Via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
X-Cache: Miss from cloudfront
Connection: keep-alive
x-amz-meta-height: 300
Content-Length: 111344
Last-Modified: Wed, 08 Feb 2023 15:28:24 GMT
Server: AmazonS3
ETag: "0a78982658ae84a46bf74729fbd53cb6"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: W56MqFEpXCy5sdL0JcZy0PMv-1GmQaBP5EeQD_aLJrvDeMAkoQM3FA==

GET
H/1.1 200
OK 110006_300x300.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/GoI9g940TgI/ 106 KB
107 KB 553ms
481ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/GoI9g940TgI/110006_300x300.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9f931bf4d967289e41de7b281290522366026ee82e23f779de6dd6d8d817404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:32 GMT
Via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
X-Cache: Miss from cloudfront
Connection: keep-alive
x-amz-meta-height: 300
Content-Length: 108921
Last-Modified: Wed, 08 Feb 2023 15:31:12 GMT
Server: AmazonS3
ETag: "74ca713335ff78cca24c364e3ba6d012"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: tSi7pmuQH0asPpIPaOoLMhOCI4JRP-_DbU1C4KwcDQeFLqAx7CdekQ==

GET
H/1.1 200
OK pp_pack_1000000.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/lfBIAa_NTiM/ 147 KB
147 KB 549ms
548ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/lfBIAa_NTiM/pp_pack_1000000.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 714fd4f7b8fe5d447dd224a101a719ef1f17d4dc752d473fb46063f255af9904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:32 GMT
Via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
X-Cache: Miss from cloudfront
Connection: keep-alive
x-amz-meta-height: 300
Content-Length: 150292
Last-Modified: Wed, 29 Mar 2023 11:05:27 GMT
Server: AmazonS3
ETag: "b70847fc81f2aeb1ec6f1a7d850d9e93"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: tRW5_ywhrqc7NAYwxREbmS3M6mW1trEEnijoQzwtK-EzwPInTtHLpw==

GET
H/1.1 200
OK 110010_300x300.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/m52EA34jQYc/ 154 KB
154 KB 475ms
475ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/m52EA34jQYc/110010_300x300.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e4fa691e4771f7fa9daa6821bee812b4a45847ccc5202647f1f03fc56de6314

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:33 GMT
Via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
X-Cache: Miss from cloudfront
Connection: keep-alive
x-amz-meta-height: 300
Content-Length: 157486
Last-Modified: Tue, 28 Feb 2023 11:39:19 GMT
Server: AmazonS3
ETag: "7fc1945b3c834ad4411bb2e4751a2c63"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: bOPB_jT3i7xC1EU1wPRdQWrvmgunV2g2gewHiMwc8GyOe-5Sh6vnLw==

GET
H/1.1 200
OK fastspring_256x256.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/ylRVLUQnSFo/ 80 KB
81 KB 11ms
11ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/ylRVLUQnSFo/fastspring_256x256.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e493da426525c051f88539c28fd8a845b7ca7e225414e756edd4f698d818f244

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:04:00 GMT
Via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
Age: 461612
x-amz-server-side-encryption: AES256
x-amz-meta-width: 256
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-height: 256
Content-Length: 82061
Last-Modified: Mon, 06 Nov 2023 13:45:55 GMT
Server: AmazonS3
ETag: "e3ca4e7be2b3aaa4a9fd80148aa7b8e1"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: qxPD-XlNCDIiqVSipGBoiygMlxEkMicXrtvtnoViL8eI_Lz18b9ExQ==

GET
H/1.1 200
OK fastspring_256x256_bundle.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/oYD-p1tKRYw/ 87 KB
87 KB 11ms
11ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/oYD-p1tKRYw/fastspring_256x256_bundle.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b480e0c0c4b3cec120c090895f81fad13451cd4b872feeb965b4669b3191ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 13:41:42 GMT
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
Age: 732951
x-amz-server-side-encryption: AES256
x-amz-meta-width: 256
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-height: 256
Content-Length: 88854
Last-Modified: Mon, 06 Nov 2023 14:21:37 GMT
Server: AmazonS3
ETag: "b75d1f738fab8a079d952e22574e3335"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: nY3MuMJiZllExOGUQpp54yFKshDMqUAXFpHmo89GW_5k0h0RpKIjQQ==

GET
H/1.1 200
OK fastspring_256x256_steam.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/S0iR65LcQDU/ 76 KB
76 KB 10ms
10ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/S0iR65LcQDU/fastspring_256x256_steam.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b48b8644b5af35815952a6495d12e5ff9aedc93848bd63fe602fb9e82e1c1c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 18:06:54 GMT
Via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
Age: 371439
x-amz-server-side-encryption: AES256
x-amz-meta-width: 256
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-height: 256
Content-Length: 77334
Last-Modified: Mon, 06 Nov 2023 14:08:56 GMT
Server: AmazonS3
ETag: "fe937fa14d4ec4ac2e63dcedd0ab38a8"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: WCKj_EpCqnTpag_5X_bcZMDmjEP6xdUNApL3aPwQspS2tIZfTabhWw==

GET
H/1.1 200
OK fastspring_256x256_bundle_steam.png
d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/6MS598vgQaY/ 82 KB
83 KB 10ms
10ms Image
image/png 18.66.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8y8nchqlnmka.cloudfront.net/natBnR4TTHE/6MS598vgQaY/fastspring_256x256_bundle_steam.png
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-195.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e0388a34f0770060785d66141510cf29402ab890b98e33060776751843606a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 14:26:10 GMT
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
Age: 2458283
x-amz-server-side-encryption: AES256
x-amz-meta-width: 256
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-height: 256
Content-Length: 83935
Last-Modified: Mon, 06 Nov 2023 14:25:23 GMT
Server: AmazonS3
ETag: "03c91d2096fc4245e5e3b5a2bc44ba5b"
Content-Type: image/png
Cache-Control: max-age=30000000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: HezJFvrRRgFAZo21cCcMfHpgo_FiMw9UP0ffHAmzcJ4p1YtPQUSetg==

GET
H/1.1 200
OK seal.min.js Show response
seal.digicert.com/seals/cascade/ 8 KB
4 KB 614ms
542ms Script
text/javascript 63.33.186.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://seal.digicert.com/seals/cascade/seal.min.js

Requested by

Host: d37uz57cydkqly.cloudfront.net
URL: https://d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/js/common.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:32 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000
last-modified: Tue, 28 Nov 2023 18:56:25 GMT
Server: nginx
etag: W/"1e3d-60b3af9aae840"
Transfer-Encoding: chunked
vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H2 200 aptrinsic.js Show response
web-sdk.aptrinsic.com/api/ 603 KB
201 KB 175ms
118ms Script
application/javascript 35.190.35.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Requested by

Host: d37uz57cydkqly.cloudfront.net
URL: https://d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/js/foundation.checkout.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.35.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.35.190.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

1bcdd24ea374f3f324b98da8d764bc4e62f354446cbcad6386abeaa7e5eb579c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
age: 1195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205858
pragma: public
last-modified: Sat, 25 Nov 2023 08:13:03 GMT
server: nginx
etag: W/"6561ac8f-96be4"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=1200,public
expires: Tue, 05 Dec 2023 01:17:38 GMT

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/c5418cc8-d6c3-42dc-4618-009ab35637eb/ 415 KB
137 KB 71ms
14ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/c5418cc8-d6c3-42dc-4618-009ab35637eb/pendo.js

Requested by

Host: d37uz57cydkqly.cloudfront.net
URL: https://d37uz57cydkqly.cloudfront.net/CompiledViews/natBnR4TTHE/ClqOljPzTWk/resources/js/foundation.checkout.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

ebb0d7493543b1b2244f726560a09344d3ae213555b5042c71076f9f2e244337

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:27:37 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
age: 2995
x-guploader-uploadid: ABPtcPomwbJXdNwaYngPyJHShlYBFqMUngDAyBpsrC_vpoGcwjmDv8WSpa-31oVCekLQoeVhIGOF_X07eg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139321
last-modified: Mon, 27 Mar 2023 18:09:41 GMT
server: UploadServer
etag: "e7c76b5dea33d6ce10d66f18c45871cb"
vary: Accept-Encoding
x-goog-generation: 1679940580955145
x-goog-hash: crc32c=GhK61A==, md5=58drXeoz1s4Q1m8YxFhxyw==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=450
x-goog-stored-content-length: 139321
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK /
seal.digicert.com/seals/cascade/ 3 KB
3 KB 566ms
566ms Image
image/png 63.33.186.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.digicert.com/seals/cascade/?tag=XIgVyRb9&referer=ootpdevelopments.onfastspring.com&format=png&seal_number=15&seal_size=m&an=min

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d3ee501294d1225894748b9c70455957ac2abe06f3f8c55d7d678bbb8ea563aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff, nosniff
last-modified: Tue, 05 Dec 2023 00:00:00 +0000
Server: nginx
Content-Type: image/png
cache-control: max-age=86400
Connection: keep-alive
Content-Length: 2666
X-XSS-Protection: 1; mode=block, 1; mode=block
expires: Wed, 06 Dec 2023 01:17:33 +0000

GET
H/1.1 200
OK AP-G80B2PFE4NVZ-2 Show response
esp.aptrinsic.com/rte/v1/configuration/ 2 KB
2 KB 352ms
113ms XHR
application/json 35.184.35.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/v1/configuration/AP-G80B2PFE4NVZ-2

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

f272e075723b78113a9ec762ea806d9b9d00f2d4aac044f8b372fa9d987c7f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:33 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Application-Context: application:prod

GET
H/1.1 200
OK / Show response
d2kl989519khzp.cloudfront.net/ootpdevelopments/ Frame AA55 28 KB
29 KB 734ms
695ms Document
text/html 18.66.242.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2kl989519khzp.cloudfront.net/ootpdevelopments/?_ga=2.95296668.1672058190.1701739051-2126972456.1701739051&sid=new%2F63EqXXpSTS2qWes6Qn7xVA

Requested by

Host: d1f8f9xcsvx3ha.cloudfront.net
URL: https://d1f8f9xcsvx3ha.cloudfront.net/themes/sandbox/8/sandbox.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-115.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

d95ead0173ed4e3354f3c3f32cc5453bcc60da440fe5cd8e2ce07ab3f9b0c185

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; img-src https:; style-src https: 'unsafe-inline'; frame-src https:; sandbox allow-scripts allow-forms allow-same-origin allow-popups; child-src https:; frame-ancestors https://ootpdevelopments.onfastspring.com https://ootpdevelopments.test.onfastspring.com; form-action https:;
Strict-Transport-Security	max-age=631138519
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ootpdevelopments.onfastspring.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 28549
Content-Security-Policy: default-src 'none'; connect-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; img-src https:; style-src https: 'unsafe-inline'; frame-src https:; sandbox allow-scripts allow-forms allow-same-origin allow-popups; child-src https:; frame-ancestors https://ootpdevelopments.onfastspring.com https://ootpdevelopments.test.onfastspring.com; form-action https:;
Content-Type: text/html;charset=UTF-8
Date: Tue, 05 Dec 2023 01:17:33 GMT
Last-Modified: Tue, 05 Dec 2023 01:17:33 GMT
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=631138519
Vary: Accept-Encoding
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: fjrUuVWIQORGiUNO7GnZN97bin7qLVcC2jdZBhDGAQ21FRjFO4lOow==
X-Amz-Cf-Pop: DUS51-P1
X-Cache: Miss from cloudfront
X-Robots-Tag: noindex, nofollow, noarchive
X-XSS-Protection: 1; mode=block
x-fs-trace: FSFASN6XTSPJDOXOS6CUP6R4WTAQ;Root=1-656e7a2d-221ef4d177ca22c76de4459a

GET
H2 200 style.css
web-sdk.aptrinsic.com/ 67 KB
13 KB 117ms
117ms Stylesheet
text/css 35.190.35.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.aptrinsic.com/style.css?a=AP-G80B2PFE4NVZ-2

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.35.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.35.190.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

d1f9afcb9238e7baf51edd32eac9d9b44f870ab5d59382b30b8b115040435363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12833
pragma: public
last-modified: Thu, 06 Jul 2023 09:18:40 GMT
server: nginx
etag: W/"64a686f0-10b77"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: max-age=1200,public
expires: Tue, 05 Dec 2023 01:37:33 GMT

GET
H/1.1 200
OK command Show response
esp.aptrinsic.com/rte/v1/ 73 B
407 B 113ms
113ms XHR
application/json 35.184.35.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ca145f73d6bb6361617420c9da2ef37f0d66ee56885c10ef350462891931ba39

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:33 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
X-Application-Context: application:prod

GET
H/1.1 200
OK command Show response
esp.aptrinsic.com/rte/v1/ 69 B
403 B 227ms
114ms XHR
application/json 35.184.35.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/v1/command?p=AP-G80B2PFE4NVZ-2&sv=0.51.0&v=AP-G80B2PFE4NVZ-2-1701739053448-13217234&ai=AP-G80B2PFE4NVZ-2-1701739053448-13217234&vt=0&s=AP-G80B2PFE4NVZ-2-1701739053449-56562842&et=identify&rf&sc=https%3A%2F%2F&ho=ootpdevelopments.onfastspring.com&pa=%2F&q&ha&sch=1200&scw=1600&pt=OOTP%20Developments%20Web%20Store&ep=%7B%22usf%22%3A%7B%22ide%22%3A%22foundationCheckout%3Aootpdevelopments%3Aundefined%22%2C%22customAttributes%22%3A%7B%22store%22%3A%22%22%2C%22live%22%3Atrue%2C%22referrer%22%3A%22%22%7D%2C%22accountId%22%3A%22ootpdevelopments%22%7D%2C%22acf%22%3A%7B%22id%22%3A%22ootpdevelopments%22%2C%22name%22%3A%22ootpdevelopments%22%2C%22customAttributes%22%3A%7B%7D%7D%7D&cb=1701739053451-5112

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e8d5f24be51acecb3488271cd1a16e15063dc8f8b22e62847e406bb5b8d0c2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:33 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
X-Application-Context: application:prod

GET
H/1.1 200
OK client Show response
esp.aptrinsic.com/rte/api/v1/feature/ 2 B
310 B 336ms
113ms XHR
application/json 35.184.35.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/api/v1/feature/client?p=AP-G80B2PFE4NVZ-2&sv=0.51.0&v=AP-G80B2PFE4NVZ-2-1701739053448-13217234&ai=AP-G80B2PFE4NVZ-2-1701739053448-13217234&vt=0&s=AP-G80B2PFE4NVZ-2-1701739053449-56562842&wsv=0.51.0&cb=1701739053452-6984

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:33 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Application-Context: application:prod

GET
H/1.1 200
OK command Show response
esp.aptrinsic.com/rte/v1/ 73 B
407 B 336ms
113ms XHR
application/json 35.184.35.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ca145f73d6bb6361617420c9da2ef37f0d66ee56885c10ef350462891931ba39

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:33 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
X-Application-Context: application:prod

GET
H/1.1 200
OK command Show response
esp.aptrinsic.com/rte/v1/ 69 B
403 B 113ms
113ms XHR
application/json 35.184.35.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/v1/command?p=AP-G80B2PFE4NVZ-2&sv=0.51.0&v=AP-G80B2PFE4NVZ-2-1701739053681-86392799&ai=35416919-5bc1-4d45-9eba-1bc547e2b8e1&vt=2&s=AP-G80B2PFE4NVZ-2-1701739053680-99332716&et=sessionInitialized&rf&sc=https%3A%2F%2F&ho=ootpdevelopments.onfastspring.com&pa=%2F&q&ha&sch=1200&scw=1600&pt=OOTP%20Developments%20Web%20Store&ep=%7B%7D&cb=1701739053681-2729

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e8d5f24be51acecb3488271cd1a16e15063dc8f8b22e62847e406bb5b8d0c2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:33 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
X-Application-Context: application:prod

GET
H2 200 core.js Show response
d1f8f9xcsvx3ha.cloudfront.net/themes/core/8/ Frame AA55 1 KB
1 KB 10ms
9ms Script
application/javascript 18.154.71.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1f8f9xcsvx3ha.cloudfront.net/themes/core/8/core.js
Requested by: Host: d2kl989519khzp.cloudfront.net
URL: https://d2kl989519khzp.cloudfront.net/ootpdevelopments/?_ga=2.95296668.1672058190.1701739051-2126972456.1701739051&sid=new%2F63EqXXpSTS2qWes6Qn7xVA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.71.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-71-153.dus51.r.cloudfront.net
Software: GitHub.com /
Resource Hash: 9cf11fdcc6997f33d04e221a698fd0b223eadb5c18bc85d943937904c722f0b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-fastly-request-id: f5f9f456153761362035cc7accbd24432bd2e9fe
date: Sat, 11 Nov 2023 12:43:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 de6f29922e4f6a0a826069fcec45fde6.cloudfront.net (CloudFront)
x-proxy-cache: MISS
x-amz-cf-pop: DUS51-P4
age: 3371328
x-cache: Hit from cloudfront
x-cache-hits: 0
content-length: 492
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Thu, 28 Sep 2023 19:31:02 GMT
server: GitHub.com
x-github-request-id: 46DA:5758:2C9A37D:2DE1DD4:65188866
x-timer: S1696106600.160110,VS0,VE101
etag: W/"6515d476-4ee"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: dsbmBwoZScmLfq_F6U3_e37JS8SAhWCydC_OXof58svYaLK1K4nmZg==
expires: Thu, 26 Oct 2023 22:58:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AA55 146 KB
51 KB 196ms
88ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: d2kl989519khzp.cloudfront.net
URL: https://d2kl989519khzp.cloudfront.net/ootpdevelopments/?_ga=2.95296668.1672058190.1701739051-2126972456.1701739051&sid=new%2F63EqXXpSTS2qWes6Qn7xVA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f007fbda69dccd7dcb4c080ff6c707ca592fba1bf0b5be5955f5ed1572eea0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51655
x-xss-protection: 0
server: cafe
etag: 14331445450319878298
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 01:17:34 GMT

GET
H2 200 fst.js Show response
fastspringresources.com/ Frame AA55 27 KB
27 KB 437ms
196ms Script
application/javascript 44.214.164.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fastspringresources.com/fst.js
Requested by: Host: d2kl989519khzp.cloudfront.net
URL: https://d2kl989519khzp.cloudfront.net/ootpdevelopments/?_ga=2.95296668.1672058190.1701739051-2126972456.1701739051&sid=new%2F63EqXXpSTS2qWes6Qn7xVA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.214.164.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-164-195.compute-1.amazonaws.com
Software: Apache/2.4.53 (Rocky Linux) /
Resource Hash: bd880f8ea443323a1710f31d96fe4d1f6164b92940ad6fe9d0ad07133f53ba1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:17:34 GMT
last-modified: Wed, 05 Oct 2016 19:26:26 GMT
server: Apache/2.4.53 (Rocky Linux)
accept-ranges: bytes
etag: "6c8f-53e2327333c80"
content-length: 27791
content-type: application/javascript

GET
H/1.1 204
No Content kc Show response
esp.aptrinsic.com/rte/v2/ 0
312 B 114ms
113ms XHR
text/plain 35.184.35.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/v2/kc?s=AP-G80B2PFE4NVZ-2-1701739053680-99332716&p=AP-G80B2PFE4NVZ-2

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:34 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Access-Control-Allow-Origin: https://ootpdevelopments.onfastspring.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Application-Context: application:prod

GET
H/1.1 204
No Content inapp Show response
esp.aptrinsic.com/rte/v1/ 0
257 B 114ms
113ms XHR
text/plain 35.184.35.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/v1/inapp?p=AP-G80B2PFE4NVZ-2&sv=0.51.0&v=AP-G80B2PFE4NVZ-2-1701739053681-86392799&ai=35416919-5bc1-4d45-9eba-1bc547e2b8e1&vt=2&s=AP-G80B2PFE4NVZ-2-1701739053449-56562842&sc=https%3A%2F%2F&ho=ootpdevelopments.onfastspring.com&pa=%2F&q&ha&u=ootpdevelopments.onfastspring.com%2F&gcx=%7B%7D&cb=1701739054202-1362

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:34 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
X-Application-Context: application:prod

GET
H/1.1 204
No Content kc Show response
esp.aptrinsic.com/rte/v2/ 0
312 B 114ms
113ms XHR
text/plain 35.184.35.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/v2/kc?s=AP-G80B2PFE4NVZ-2-1701739053680-99332716&p=AP-G80B2PFE4NVZ-2

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:34 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Access-Control-Allow-Origin: https://ootpdevelopments.onfastspring.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Application-Context: application:prod

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 07A9 9 KB
4 KB 160ms
51ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d2kl989519khzp.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 02:06:14 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 02:06:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content kc Show response
esp.aptrinsic.com/rte/v2/ 0
312 B 114ms
114ms XHR
text/plain 35.184.35.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/v2/kc?s=AP-G80B2PFE4NVZ-2-1701739053680-99332716&p=AP-G80B2PFE4NVZ-2

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:34 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Access-Control-Allow-Origin: https://ootpdevelopments.onfastspring.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Application-Context: application:prod

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame AA55 187 KB
70 KB 175ms
66ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDSV9B

Requested by

Host: d2kl989519khzp.cloudfront.net
URL: https://d2kl989519khzp.cloudfront.net/ootpdevelopments/?_ga=2.95296668.1672058190.1701739051-2126972456.1701739051&sid=new%2F63EqXXpSTS2qWes6Qn7xVA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

491f5f737c862539cb1e873930d3d86d9249d898f5475e6797cc0cecaffeed2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:17:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71157
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 01:17:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame AA55 52 KB
21 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDSV9B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 23:22:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6901
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Dec 2023 01:22:33 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071788435/ Frame AA55 3 KB
2 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071788435/?random=1701739054858&cv=11&fst=1701739054858&bg=ffffff&guid=ON&async=1&gtm=45He3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fd2kl989519khzp.cloudfront.net%2Footpdevelopments%2F%3F_ga%3D2.95296668.1672058190.1701739051-2126972456.1701739051%26sid%3Dnew%252F63EqXXpSTS2qWes6Qn7xVA&ref=https%3A%2F%2Footpdevelopments.onfastspring.com%2F&top=https%3A%2F%2Footpdevelopments.onfastspring.com%2F&hn=www.googleadservices.com&frm=2&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDSV9B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25477edd15026e587c0b64603cf5811424b82eca642860831e8689ed98a95609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 01:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame AA55 45 KB
17 KB 186ms
53ms Script
text/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 23:54:56 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4959
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 05 Dec 2023 01:54:56 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame AA55 202 KB
55 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 01:17:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: 1PZshfyBYzmrCryQzND16ZQgUBeRjX5qTvQRhaoWbpw+yrdX315PAA9iM7s/j0pBfg9zpjM1fnwbbqV9sst60Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 A1778643-81fb-42a5-9956-dac48c3442201.js Show response
d.impactradius-event.com/ Frame AA55 41 KB
13 KB 187ms
123ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A1778643-81fb-42a5-9956-dac48c3442201.js
Requested by: Host: ootpdevelopments.onfastspring.com
URL: https://ootpdevelopments.onfastspring.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ba1c2e33dcfdf75ba0b9f4f91aff590331d76ff023f30c9e07e5c8fda7f495af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:17:34 GMT
content-encoding: gzip
age: 1
x-guploader-uploadid: ABPtcPoSYD3DYgBh5TeYh_XVAolrEQ1aVIIdRgG5WVw5KlY_t5SLfiLU1hpZ5QbEkWSu5Ij553HxM32lDYDC5EWodTwaDg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12931
last-modified: Fri, 13 Nov 2020 02:31:25 GMT
server: UploadServer
etag: "02d8acaf9b9819439a9b5de2bedf82a5"
vary: Accept-Encoding
x-goog-generation: 1605234685062421
x-goog-hash: crc32c=vuDT5A==, md5=Atisr5uYGUOam13ivt+CpQ==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 12931
accept-ranges: bytes
expires: Tue, 05 Dec 2023 01:22:34 GMT

GET
H2 200 271608383332452 Show response
connect.facebook.net/signals/config/ Frame AA55 133 KB
35 KB 100ms
99ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/271608383332452?v=2.9.138&r=stable&domain=ootpdevelopments.onfastspring.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4a56c39c76e8c38902eb1ad116b93573f14594a9db760271ada8a54b6106afd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 01:17:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: J/aM+DOGdnS7FBeUHj1QYZI4yvRLyWxpcZLyQZ8iRQWSOqYa0MQajZ9L3PgyeO2IyoFzL4fHih0PMAGMG6gS5A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071788435/ Frame AA55 42 B
455 B 181ms
65ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071788435/?random=1701739054858&cv=11&fst=1701738000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd2kl989519khzp.cloudfront.net%2Footpdevelopments%2F%3F_ga%3D2.95296668.1672058190.1701739051-2126972456.1701739051%26sid%3Dnew%252F63EqXXpSTS2qWes6Qn7xVA&ref=https%3A%2F%2Footpdevelopments.onfastspring.com%2F&frm=2&fmt=3&is_vtc=1&cid=CAQSGwDICaaNhfBh_ipCwVzSr30CnoI8mSFcvN6Mcg&random=1423787002&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 01:17:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1071788435/ Frame AA55 42 B
455 B 191ms
71ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071788435/?random=1701739054858&cv=11&fst=1701738000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fd2kl989519khzp.cloudfront.net%2Footpdevelopments%2F%3F_ga%3D2.95296668.1672058190.1701739051-2126972456.1701739051%26sid%3Dnew%252F63EqXXpSTS2qWes6Qn7xVA&ref=https%3A%2F%2Footpdevelopments.onfastspring.com%2F&frm=2&fmt=3&is_vtc=1&cid=CAQSGwDICaaNhfBh_ipCwVzSr30CnoI8mSFcvN6Mcg&random=1423787002&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 01:17:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame AA55 0
185 B 35ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=271608383332452&ev=PageView&dl=https%3A%2F%2Fd2kl989519khzp.cloudfront.net%2Footpdevelopments%2F%3F_ga%3D2.95296668.1672058190.1701739051-2126972456.1701739051%26sid%3Dnew%252F63EqXXpSTS2qWes6Qn7xVA&rl=https%3A%2F%2Footpdevelopments.onfastspring.com%2F&if=true&ts=1701739055030&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&ler=other&it=1701739054916&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 01:17:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK 1*1.gif
logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/ Frame AA55 0
0 701ms
170ms Image
text/html 52.24.1.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/1*1.gif?ver=U8&acid=A1778643-81fb-42a5-9956-dac48c3442201&type=UTT&msg=No%20campaign%20for%20landing%20page%3A%20https%3A%2F%2Fd2kl989519khzp.cloudfront.net%2Footpdevelopments%2F%3F_ga%3D2.95296668.1672058190.1701739051-2126972456.1701739051%26sid%3Dnew%252F63EqXXpSTS2qWes6Qn7xVA&event=identify()%20exit&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.1.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-1-210.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2kl989519khzp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H/1.1 204
No Content kc Show response
esp.aptrinsic.com/rte/v2/ 0
312 B 114ms
114ms XHR
text/plain 35.184.35.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://esp.aptrinsic.com/rte/v2/kc?s=AP-G80B2PFE4NVZ-2-1701739053680-99332716&p=AP-G80B2PFE4NVZ-2

Requested by

Host: web-sdk.aptrinsic.com
URL: https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-G80B2PFE4NVZ-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.184.35.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.35.184.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ootpdevelopments.onfastspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 01:17:36 GMT
Strict-Transport-Security: max-age=3600;
Server: nginx
Vary: Origin
Access-Control-Allow-Origin: https://ootpdevelopments.onfastspring.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Application-Context: application:prod

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onfastspring.com/	1970-01-21 02:18:19	Name: _ga Value: GA1.2.2126972456.1701739051
.onfastspring.com/	1970-01-20 16:43:45	Name: _gid Value: GA1.2.1672058190.1701739051
.onfastspring.com/	1970-01-20 16:42:20	Name: apt.sid Value: AP-G80B2PFE4NVZ-2-1701739053680-99332716
.onfastspring.com/	1970-01-21 01:27:55	Name: apt.uid Value: AP-G80B2PFE4NVZ-2-1701739053681-86392799.0.2.35416919-5bc1-4d45-9eba-1bc547e2b8e1
.doubleclick.net/	1970-01-20 16:42:19	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://ootpdevelopments.onfastspring.com/ Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://ootpdevelopments.onfastspring.com/(Line 8) Message: Refused to load the image 'https://d1f8f9xcsvx3ha.cloudfront.net/themes/images/fastspring-310x310.png' because it violates the following Content Security Policy directive: "img-src https://dcnz2rrcot657.cloudfront.net https://www.google-analytics.com https://d230f6bx2wm7w3.cloudfront.net .pendo.io https://storage.google.com .sift.com https://hexagon-analytics.com *.fastspring.com https://d8y8nchqlnmka.cloudfront.net https://d37uz57cydkqly.cloudfront.net https://seal.websecurity.norton.com https://seal.digicert.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' logger.fastspring.com apis.fastspring.com .pendo.io .aptrinsic.com https://pendo-static-5711234847211520.storage.googleapis.com .sift.com https://hexagon-analytics.com .fastspring.com; script-src https://ajax.googleapis.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://d1f8f9xcsvx3ha.cloudfront.net .pendo.io .aptrinsic.com .sift.com https://hexagon-analytics.com .fastspring.com https://d37uz57cydkqly.cloudfront.net https://seal.websecurity.norton.com https://seal.digicert.com; img-src https://dcnz2rrcot657.cloudfront.net https://www.google-analytics.com https://d230f6bx2wm7w3.cloudfront.net .pendo.io https://storage.google.com .sift.com https://hexagon-analytics.com .fastspring.com https://d8y8nchqlnmka.cloudfront.net https://d37uz57cydkqly.cloudfront.net https://seal.websecurity.norton.com https://seal.digicert.com; font-src https://cdnjs.cloudflare.com https://d1f8f9xcsvx3ha.cloudfront.net https://d37uz57cydkqly.cloudfront.net; style-src https://cdnjs.cloudflare.com https://d1f8f9xcsvx3ha.cloudfront.net .pendo.io .aptrinsic.com 'unsafe-inline' .sift.com https://hexagon-analytics.com .fastspring.com https://d37uz57cydkqly.cloudfront.net; frame-src ; sandbox allow-downloads allow-scripts allow-forms allow-same-origin allow-top-navigation allow-popups allow-popups-to-escape-sandbox; child-src *; frame-ancestors 'self';
Strict-Transport-Security	max-age=631138519
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pendo.io
connect.facebook.net
d.impactradius-event.com
d1f8f9xcsvx3ha.cloudfront.net
d2kl989519khzp.cloudfront.net
d37uz57cydkqly.cloudfront.net
d8y8nchqlnmka.cloudfront.net
dcnz2rrcot657.cloudfront.net
esp.aptrinsic.com
fastspringresources.com
googleads.g.doubleclick.net
logs-01.loggly.com
ootpdevelopments.onfastspring.com
pagead2.googlesyndication.com
seal.digicert.com
ssl.google-analytics.com
web-sdk.aptrinsic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
108.138.2.26
18.154.71.153
18.173.226.10
18.66.242.115
18.66.242.195
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82f::200e
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
34.36.213.229
35.184.35.160
35.186.249.72
35.190.35.221
44.214.164.195
44.217.222.134
52.24.1.210
63.33.186.64
0f007fbda69dccd7dcb4c080ff6c707ca592fba1bf0b5be5955f5ed1572eea0b
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
17f797e9e61bb2b77b05e1394a1ca68edc190ed7bd6d066d1b6ba71e11248bab
1bcdd24ea374f3f324b98da8d764bc4e62f354446cbcad6386abeaa7e5eb579c
20b480e0c0c4b3cec120c090895f81fad13451cd4b872feeb965b4669b3191ab
254587ad0451738f71112e86cc09eec6f6e6615488a1b0bcad7a523f804029fd
25477edd15026e587c0b64603cf5811424b82eca642860831e8689ed98a95609
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f4a7528981ab7f92a49e73c83576ffbbf18eb84c6f64c0ec1975394601e0017
491f5f737c862539cb1e873930d3d86d9249d898f5475e6797cc0cecaffeed2e
4e0388a34f0770060785d66141510cf29402ab890b98e33060776751843606a4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
687ceb1e0645a98b5ad3b042d2292c94f9f6c54ce77803ac30e9db57f7de6fa0
6c4a1d42b69d37ea259601b42383c7179433ed86ada96064f0b15ea43a15256a
708985cc1002be6aa2aa74f22866fa044c7b47969192a066c2a19f4200231d1f
714fd4f7b8fe5d447dd224a101a719ef1f17d4dc752d473fb46063f255af9904
802a3cb7595f14f16c36837989c3891dec2b38166b5a75bfdb2fde7c4ab09a4d
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
82cae0ecdbfe1a8f3c378fbc77e1626ed24df8849d4335b591b0f0296ab957ba
952a6d3c38e43e3cd4152518ee680bf0b5571f581623876931d663b06e3309bc
9cf11fdcc6997f33d04e221a698fd0b223eadb5c18bc85d943937904c722f0b9
9e4fa691e4771f7fa9daa6821bee812b4a45847ccc5202647f1f03fc56de6314
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
b1a7c62d1e7e740cdee8d0805ca7ecd1cc98e0b2bbc50b0ae2e8c5b990235723
b48b8644b5af35815952a6495d12e5ff9aedc93848bd63fe602fb9e82e1c1c58
ba1c2e33dcfdf75ba0b9f4f91aff590331d76ff023f30c9e07e5c8fda7f495af
bab66971b9ea7dbd85d83c3e3955b755cb659814e29ed2a0ad8dd3496f99c0f1
bd880f8ea443323a1710f31d96fe4d1f6164b92940ad6fe9d0ad07133f53ba1a
c35636ccf64a9dc24d2b725283c15e665205f16d722593848d3a4bfd1020bfa8
c4a56c39c76e8c38902eb1ad116b93573f14594a9db760271ada8a54b6106afd
ca145f73d6bb6361617420c9da2ef37f0d66ee56885c10ef350462891931ba39
d1b239262c9f049195399a88e98b5c2b43772ea7dde3c3e8aadee1a812e730ed
d1f9afcb9238e7baf51edd32eac9d9b44f870ab5d59382b30b8b115040435363
d3ee501294d1225894748b9c70455957ac2abe06f3f8c55d7d678bbb8ea563aa
d95ead0173ed4e3354f3c3f32cc5453bcc60da440fe5cd8e2ce07ab3f9b0c185
d9f931bf4d967289e41de7b281290522366026ee82e23f779de6dd6d8d817404
da47828a0685192697dae5e3ad68537e3e108aeabf6e1e85aac0467ad6130b22
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48f9a8e3d60e87a88ca3030aa3f84df87cc537ac2adcf88f43ed863237a7ee3
e493da426525c051f88539c28fd8a845b7ca7e225414e756edd4f698d818f244
e8d5f24be51acecb3488271cd1a16e15063dc8f8b22e62847e406bb5b8d0c2b0
ebb0d7493543b1b2244f726560a09344d3ae213555b5042c71076f9f2e244337
ebe63fddb384143c635c3d05a02d1746cc21146db90beb53d510eb9bbe7715f7
ecf4b4d048333f5c66646605bad2e3c5bf1ae254d23900982c45f446b66d6d2e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f272e075723b78113a9ec762ea806d9b9d00f2d4aac044f8b372fa9d987c7f6f
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

ootpdevelopments.onfastspring.com Open in urlscan Pro 44.217.222.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

41 %IPv6

16 Domains

22 Subdomains

22 IPs

3 Countries

2244 kBTransfer

4179 kBSize

5 Cookies

5 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ootpdevelopments.onfastspring.com Open in urlscan Pro
44.217.222.134 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

41 %
IPv6

16
Domains

22
Subdomains

22
IPs

3
Countries

2244 kB
Transfer

4179 kB
Size

5
Cookies

59 HTTP transactions
0 data transactions