www.td.org Open in urlscan Pro
2606:4700:10::6816:4f93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://astd.org/
Effective URL:
https://www.td.org/
Submission Tags: tranco_l324
Submission: On November 12 via api (November 12th 2021, 2:25:41 am UTC) from DE — Scanned from DE

Summary HTTP 133 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 43 IPs in 4 countries across 30 domains to perform 133 HTTP transactions. The main IP is 2606:4700:10::6816:4f93, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.td.org.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 16th 2020. Valid for: 2 years.

This is the only time www.td.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.227.71.166 66.227.71.166	21886 (MINDSHIFT) (MINDSHIFT)
6	2606:4700:10:... 2606:4700:10::6816:4f93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
5 8	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2600:9000:215... 2600:9000:2156:5e00:1c:69b2:9480:21	16509 (AMAZON-02) (AMAZON-02)
9	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	143.204.101.35 143.204.101.35	16509 (AMAZON-02) (AMAZON-02)
8	52.216.138.149 52.216.138.149	16509 (AMAZON-02) (AMAZON-02)
2	52.239.137.4 52.239.137.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
14	143.204.99.83 143.204.99.83	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:6600:6:4f98:bc40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.93 143.204.98.93	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.33 143.204.98.33	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:94f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e5... 2620:119:50e5:101::9002:c05	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
4	151.101.65.208 151.101.65.208	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4e93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a03:b0c0:3:d... 2a03:b0c0:3:d0::d23:4001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.210.84.221 52.210.84.221	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.62 143.204.98.62	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.96 143.204.98.96	16509 (AMAZON-02) (AMAZON-02)
133	43

1 66.227.71.166 (United States) 1 redirects

ASN21886 (MINDSHIFT, US)

astd.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:4f93 (United States)

ASN13335 (CLOUDFLARENET, US)

www.td.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
emailprofile.td.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:7aaf (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:2156:5e00:1c:69b2:9480:21 (United States)

ASN16509 (AMAZON-02, US)

d19d5sz0wkl0lu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-35.fra50.r.cloudfront.net

d2suo6y6ick5ug.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.216.138.149 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.239.137.4 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

optanon.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 143.204.99.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6600:6:4f98:bc40:93a1 (United States)

ASN16509 (AMAZON-02, US)

analytics.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

31791c57abdf2cfd3457cbea44eea327.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:94f (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e5:101::9002:c05 (San Francisco, United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.208 (United States)

ASN54113 (FASTLY, US)

sdk.iad-03.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4e93 (United States)

ASN13335 (CLOUDFLARENET, US)

apisegment.td.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:b0c0:3:d0::d23:4001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

atd-api.td.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.84.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-84-221.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-62.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-96.fra50.r.cloudfront.net

d22bbllmj4tvv8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	cloudfront.net d19d5sz0wkl0lu.cloudfront.net d2suo6y6ick5ug.cloudfront.net d22bbllmj4tvv8.cloudfront.net	718 KB
14	googlesyndication.com 31791c57abdf2cfd3457cbea44eea327.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	206 KB
14	segment.com cdn.segment.com	114 KB
13	td.org www.td.org apisegment.td.org atd-api.td.org emailprofile.td.org	119 KB
12	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	179 KB
8	amazonaws.com s3.amazonaws.com	5 MB
8	unpkg.com 5 redirects unpkg.com	17 KB
6	google.com 1 redirects adservice.google.com www.google.com	2 KB
5	google-analytics.com www.google-analytics.com	60 KB
4	braze.com sdk.iad-03.braze.com	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	google.de adservice.google.de www.google.de	2 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	64 KB
3	bing.com bat.bing.com	11 KB
3	facebook.net connect.facebook.net	134 KB
2	facebook.com www.facebook.com	376 B
2	googleadservices.com www.googleadservices.com	16 KB
2	googletagmanager.com www.googletagmanager.com	56 KB
2	googletagservices.com www.googletagservices.com	73 KB
2	windows.net optanon.blob.core.windows.net	25 KB
1	hotjar.io vc.hotjar.io	258 B
1	twitter.com analytics.twitter.com	675 B
1	onetrust.com geolocation.onetrust.com	256 B
1	t.co t.co	470 B
1	ads-twitter.com static.ads-twitter.com	6 KB
1	licdn.com snap.licdn.com	2 KB
1	appboycdn.com js.appboycdn.com	48 KB
1	formstack.com analytics.formstack.com	13 KB
1	polyfill.io polyfill.io	559 B
1	astd.org 1 redirects astd.org	123 B
133	30

	Domain	Requested by
19	d19d5sz0wkl0lu.cloudfront.net	www.td.org d19d5sz0wkl0lu.cloudfront.net
14	cdn.segment.com	www.td.org cdn.segment.com
9	securepubads.g.doubleclick.net	www.td.org securepubads.g.doubleclick.net www.googletagservices.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	s3.amazonaws.com	www.td.org
8	unpkg.com	5 redirects www.td.org
6	atd-api.td.org	s3.amazonaws.com
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	www.google.com	1 redirects securepubads.g.doubleclick.net www.td.org tpc.googlesyndication.com
5	www.google-analytics.com	www.td.org www.google-analytics.com
4	sdk.iad-03.braze.com	js.appboycdn.com
4	www.td.org	www.td.org d19d5sz0wkl0lu.cloudfront.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.td.org
3	connect.facebook.net	cdn.segment.com connect.facebook.net
3	www.google.de	www.td.org
2	d22bbllmj4tvv8.cloudfront.net
2	emailprofile.td.org	d2suo6y6ick5ug.cloudfront.net
2	www.facebook.com	www.td.org
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	px.ads.linkedin.com	2 redirects
2	www.googleadservices.com	cdn.segment.com www.googleadservices.com
2	www.googletagmanager.com	www.td.org
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	optanon.blob.core.windows.net	www.td.org optanon.blob.core.windows.net
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	analytics.twitter.com	static.ads-twitter.com
1	geolocation.onetrust.com	d19d5sz0wkl0lu.cloudfront.net
1	t.co	www.td.org
1	apisegment.td.org	cdn.segment.com
1	px4.ads.linkedin.com	www.td.org
1	www.linkedin.com	1 redirects
1	static.ads-twitter.com	cdn.segment.com
1	snap.licdn.com	cdn.segment.com
1	js.appboycdn.com	cdn.segment.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	31791c57abdf2cfd3457cbea44eea327.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.td.org
1	analytics.formstack.com	www.td.org
1	d2suo6y6ick5ug.cloudfront.net	www.td.org
1	polyfill.io	www.td.org
1	astd.org	1 redirects
133	46

This site contains links to these domains. Also see Links.

Domain
cookiepedia.co.uk
onetrust.com
content.td.org
help.td.org
checkout.td.org
my.td.org
webcasts.td.org
jobs.td.org
www.facebook.com
twitter.com
www.linkedin.com
www.pinterest.ca
www.instagram.com

Subject Issuer	Validity	Valid
*.td.org Starfield Secure Certificate Authority - G2	`2020-03-16` - `2022-05-15`	2 years	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2021-08-31` - `2022-08-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
*.formstack.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-21` - `2021-11-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.iad-03.braze.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
atd-api.td.org R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.td.org/
Frame ID: 48D74F2E11C1C8B68616EC879C5B6C74
Requests: 109 HTTP requests in this frame

Frame: https://31791c57abdf2cfd3457cbea44eea327.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8DF3465855D0BFC34237DA859576B51A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZiAArTat7Rbp1ET_lnyQOSZAVoOWdUqS7x7b6JxZCLF6FTXlLE6gXqajQDaQjUI_OdWK5VtufUhMLepX-DiE9DL8UQnau2HSBOGuegwn3R3B1sNjqTb84XBcXcV5ODaU4293SwMKBSLhgTK7el3zGxU_maqRx1a4ue1LWgl80rdbWmfZfn49BYhpbkAkodZRSjMaPbFk4KqhRBJg4e4tQuMWefhopH3x3odgvViuuh2Oe7yzleCjf7YDtBGk1WzM0t4bvUdyB9QlwO6YJ5LZn4rEbdisIKoiMgd_eaoTUGcYE0GfWC9EnWqB9wYn0_ffANw&sai=AMfl-YQYg3K8iP76p5Wcv0wxOd0r6kZvi9k_jZxQ1mx6WIAoJyLOqGgKoKGbxbwBmReqJzqrIzr6dPm32YgimcJOw9oboddL45WrT7wnvpQY5VmRAA3FZmYg-HY98Qft44w&sig=Cg0ArKJSzLDb8CwuJa50EAE&uach_m=[UACH]&adurl=
Frame ID: 13AAF6246A65C6EC90862FB0AA5A448A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW9tVeSF80ogvbBFmvCgGtzzTwztIII0ijgarE3SL3HcsglX-2OVE0V4k5bp7RhEJeXIDfDwG_4pVy5WeJVdSuOGnLy7aDR4FeDfn6L8qrDA6Ayg6szFfgTCPT2c9r7nkKAJK2-Q7zxTd4i_EsoHp8tVXBue4S7du3vJFBDv02MDHRA52-RzQsMdvxcZtWToAg8ejbY5G3ZQBB2C7nQPg8R9k7HAlDg8vRfUxmUs0F-9tWHX-v0mPEkQpGlUinHQb2YwDckPanJgb8QYvy5JfMpq__0SuSHhdRHlJATrasBaGsbuWC9pMiq4BzlQ&sai=AMfl-YRP61uNKiBSjxBhjgQl9hSnxzANxwBZjvdS_vFA-GFS_0xfebcVusgRFRMZbFvHQAStgy-Ea2MUrxDuHDFIoFynkm3_N3SbZenSI2YATnqD3z-wRD9Q2rtc43RNEW4&sig=Cg0ArKJSzA6SQeHv0WUDEAE&uach_m=[UACH]&adurl=
Frame ID: 817B8A32926181661283D76BA4BB2146
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EED9C32275B3AE88A322DF95FAEFFD4A
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-028f986f575e1b13474634857daa6bfc.html
Frame ID: E4062AE76C2C246EF538171ABEC14ABE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 582EEBA5C1D53A7924E35B37CF1F5F70
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 21E8FE4A4E9F40BBB1D165D6EB3C0ED1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ATD | The World's Largest Talent Development Association

Page URL History Show full URLs

http://astd.org/ HTTP 301
https://www.td.org/ Page URL

Page Statistics

133
Requests

96 %
HTTPS

60 %
IPv6

30
Domains

46
Subdomains

43
IPs

4
Countries

6956 kB
Transfer

10177 kB
Size

31
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More Information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://content.td.org/r/104409

Search URL Search Domain Scan URL

URL: https://help.td.org/hc/en-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://checkout.td.org/
Title: Cart

Search URL Search Domain Scan URL

URL: https://checkout.td.org/membership
Title: Become A Member

Search URL Search Domain Scan URL

URL: https://my.td.org/search/courses?hierarchicalMenu%5BcontentTypes.lvl0%5D=Course+%3E+Master+Program
Title: Master Programs

Search URL Search Domain Scan URL

URL: https://my.td.org/search/courses?hierarchicalMenu%5BcontentTypes.lvl0%5D=Course+%3E+Certificate+Program
Title: Certificate Programs

Search URL Search Domain Scan URL

URL: https://my.td.org/search/courses?hierarchicalMenu%5BcontentTypes.lvl0%5D=Course+%3E+Individual+Course&query=essentials&page=1
Title: Essentials Courses

Search URL Search Domain Scan URL

URL: https://my.td.org/search/courses?hierarchicalMenu%5BcontentTypes.lvl0%5D=Course+%3E+Individual+Course&page=1&refinementList%5BpurchasableItems.deliveryMethods%5D%5B0%5D=On+Demand
Title: On Demand Courses

Search URL Search Domain Scan URL

URL: https://my.td.org/search/courses?hierarchicalMenu%5BcontentTypes.lvl0%5D=Course+%3E+Micro+Course
Title: Micro Courses

Search URL Search Domain Scan URL

URL: https://my.td.org/search/courses
Title: See All

Search URL Search Domain Scan URL

URL: https://my.td.org/search/courses?hierarchicalMenu%5BcontentTypes.lvl0%5D=Course&refinementList%5BpurchasableItems.deliveryMethods%5D%5B0%5D=Face-to-Face&page=1
Title: Face-to-Face

Search URL Search Domain Scan URL

URL: https://my.td.org/search/courses?hierarchicalMenu%5BcontentTypes.lvl0%5D=Course&refinementList%5BpurchasableItems.deliveryMethods%5D%5B0%5D=Live+Online&page=1
Title: Live Online

Search URL Search Domain Scan URL

URL: https://my.td.org/search/courses?hierarchicalMenu%5BcontentTypes.lvl0%5D=Course&refinementList%5BpurchasableItems.deliveryMethods%5D%5B0%5D=On+Demand&page=1
Title: On Demand

Search URL Search Domain Scan URL

URL: https://my.td.org/search/courses?hierarchicalMenu%5BcontentTypes.lvl0%5D=Course&refinementList%5Btopics%5D%5B0%5D=Training+Delivery+and+Facilitation&page=1
Title: Training Delivery and Facilitation

Search URL Search Domain Scan URL

URL: https://my.td.org/search/courses?hierarchicalMenu%5BcontentTypes.lvl0%5D=Course&refinementList%5Btopics%5D%5B0%5D=Instructional+Design&page=1
Title: Instructional Design

Search URL Search Domain Scan URL

URL: https://my.td.org/search/courses?hierarchicalMenu%5BcontentTypes.lvl0%5D=Course&refinementList%5Btopics%5D%5B0%5D=Technology+Application&page=1
Title: Technology Application

Search URL Search Domain Scan URL

URL: https://help.td.org/hc/en-us/categories/203765247-Education
Title: Education Course FAQs

Search URL Search Domain Scan URL

URL: https://webcasts.td.org/webinar/4539

Search URL Search Domain Scan URL

URL: https://content.td.org/r/104416

Search URL Search Domain Scan URL

URL: https://content.td.org/r/30519
Title: Join Today

Search URL Search Domain Scan URL

URL: https://jobs.td.org/job/learning-development-specialist/59625601/
Title: Learning & Development Specialist

Search URL Search Domain Scan URL

URL: https://jobs.td.org/job/talent-development-specialist/59578638/
Title: Talent Development Specialist

Search URL Search Domain Scan URL

URL: https://jobs.td.org/job/senior-instructional-designer/59557275/
Title: Senior Instructional Designer

Search URL Search Domain Scan URL

URL: https://jobs.td.org/job/senior-instructional-designer/59511419/
Title: Senior Instructional Designer

Search URL Search Domain Scan URL

URL: https://jobs.td.org/job/instructional-designer-remote/58391633/
Title: Instructional Designer - Remote

Search URL Search Domain Scan URL

URL: https://jobs.td.org/job/senior-talent-development-specialist/59675648/
Title: Senior Talent Development Specialist

Search URL Search Domain Scan URL

URL: https://jobs.td.org/job/director-of-training/59611007/
Title: Director of Training

Search URL Search Domain Scan URL

URL: https://jobs.td.org/job/instructional-design-contractor/59610376/
Title: Instructional Design Contractor

Search URL Search Domain Scan URL

URL: https://jobs.td.org/job/organizational-development-workforce-training-development-specialist/59537262/
Title: ORGANIZATIONAL DEVELOPMENT / WORKFORCE TRAINING & DEVELOPMENT SPECIALIST

Search URL Search Domain Scan URL

URL: https://jobs.td.org/job/director-construction-learning-development/59428748/
Title: Director, Construction Learning & Development

Search URL Search Domain Scan URL

URL: https://jobs.td.org/job/search/
Title: Find a Job

Search URL Search Domain Scan URL

URL: https://jobs.td.org/employer/post/
Title: Post a Job

Search URL Search Domain Scan URL

URL: https://webcasts.td.org/webinar/4319
Title: Coaching Managers to Effectively Manage Change and Improve Productivity

Search URL Search Domain Scan URL

URL: https://webcasts.td.org/webinar/4510
Title: Why You Need to Add Networking Skills to Your Training Program Now (and How to Do It!)

Search URL Search Domain Scan URL

URL: https://webcasts.td.org/webinar/4511
Title: Curiosity Unleashes the Power of People

Search URL Search Domain Scan URL

URL: https://webcasts.td.org/webinar/4490
Title: Leverage Polarities for Career and Leadership Success

Search URL Search Domain Scan URL

URL: https://webcasts.td.org/
Title: View All

Search URL Search Domain Scan URL

URL: https://content.td.org/r/101818

Search URL Search Domain Scan URL

URL: https://content.td.org/r/80345

Search URL Search Domain Scan URL

URL: https://jobs.td.org/
Title: ATD Job Bank

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ATD

Search URL Search Domain Scan URL

URL: https://twitter.com/ATD

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/association-for-talent-development/

Search URL Search Domain Scan URL

URL: https://www.pinterest.ca/ATDofficial/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/atdnational/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://astd.org/ HTTP 301
https://www.td.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/@popperjs/core@2 HTTP 302
https://unpkg.com/@popperjs/core@2.10.2 HTTP 302
https://unpkg.com/@popperjs/core@2.10.2/dist/umd/popper.min.js

Request Chain 2

https://unpkg.com/tippy.js@6 HTTP 302
https://unpkg.com/tippy.js@6.3.7 HTTP 302
https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js

Request Chain 3

https://unpkg.com/tippy.js@6/animations/scale.css HTTP 302
https://unpkg.com/tippy.js@6.3.7/animations/scale.css

Request Chain 82

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=15552&time=1636683933109&url=https%3A%2F%2Fwww.td.org%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D15552%26time%3D1636683933109%26url%3Dhttps%253A%252F%252Fwww.td.org%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=15552&time=1636683933109&url=https%3A%2F%2Fwww.td.org%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=15552&time=1636683933109&url=https%3A%2F%2Fwww.td.org%2F&liSync=true&e_ipv6=AQJmyKDJbbgfIAAAAX0R9ufPXiePMDnfXroMUf7qK_207xumhf4s2igy4v18V_Og1PQOk_Mv

Request Chain 90

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975763705/?random=1800079026&cv=9&fst=1636683933176&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.td.org%2F&tiba=ATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ndCNYdbBDNjXgQfP8qqIBw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/975763705/?random=1800079026&cv=9&fst=1636683933176&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.td.org%2F&tiba=ATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ndCNYdbBDNjXgQfP8qqIBw&cid=CAQSKQCNIrLMtPBml9_HFGmIhWeslgOKVj54vDL0Jm2pJlF-IZrCCsNcgxwl&random=24161062&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/975763705/?random=1800079026&cv=9&fst=1636683933176&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.td.org%2F&tiba=ATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ndCNYdbBDNjXgQfP8qqIBw&cid=CAQSKQCNIrLMtPBml9_HFGmIhWeslgOKVj54vDL0Jm2pJlF-IZrCCsNcgxwl&random=24161062&resp=GooglemKTybQhCsO&ipr=y&prhg=0

133 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.td.org/
Redirect Chain

http://astd.org/
https://www.td.org/

217 KB
58 KB

85ms
25ms

Document
text/html

2606:4700:10::6816:4f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Brightspot
Resource Hash: ea13469d1830c2857900e907446c214d67166e3377285f52439665d47aa9a12e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
x-powered-by: Brightspot
cache-control: max-age=14400
cf-cache-status: HIT
age: 542
last-modified: Fri, 12 Nov 2021 02:16:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6acc4f71dbf1374e-MXP
content-encoding: gzip

Redirect headers

Location: https://www.td.org/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
559 B 67ms
20ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=Array.prototype.find,Promise,Object.assign

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2651539
detected-user-agent: Chrome/95.0.4638
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Mon, 11 Oct 2021 22:58:33 GMT
date: Fri, 12 Nov 2021 02:25:32 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/95.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

popper.min.js Show response
unpkg.com/@popperjs/core@2.10.2/dist/umd/
Redirect Chain

https://unpkg.com/@popperjs/core@2
https://unpkg.com/@popperjs/core@2.10.2
https://unpkg.com/@popperjs/core@2.10.2/dist/umd/popper.min.js

18 KB
7 KB

19ms
19ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@popperjs/core@2.10.2/dist/umd/popper.min.js

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3682920
fly-request-id: 01FGV73ZHM4SQTHNZT16CAYV42
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"496b-DsfKR3i6PMtNGxaICUcgg0++ntM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6acc4f728dc6c277-FRA

Redirect headers

date: Fri, 12 Nov 2021 02:25:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FGV73ZES16CJP63J8K6M2KKY
server: cloudflare
age: 3682920
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@popperjs/core@2.10.2/dist/umd/popper.min.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6acc4f726dacc277-FRA
access-control-allow-origin: *

GET
H2

200

tippy-bundle.umd.min.js Show response
unpkg.com/tippy.js@6.3.7/dist/
Redirect Chain

https://unpkg.com/tippy.js@6
https://unpkg.com/tippy.js@6.3.7
https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js

25 KB
9 KB

18ms
18ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154093
fly-request-id: 01FM4CF7H6898CWJAR3A35957R
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"6475-GJFZFDM34LwIzjC4uKWaXpNTNf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6acc4f728dc2c277-FRA

Redirect headers

date: Fri, 12 Nov 2021 02:25:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FM4CF77PREAG2X0AA852G8ED
server: cloudflare
age: 154093
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6acc4f726da8c277-FRA
access-control-allow-origin: *

GET
H2

200

scale.css
unpkg.com/tippy.js@6.3.7/animations/
Redirect Chain

https://unpkg.com/tippy.js@6/animations/scale.css
https://unpkg.com/tippy.js@6.3.7/animations/scale.css

394 B
313 B

19ms
18ms

Stylesheet
text/css

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/tippy.js@6.3.7/animations/scale.css

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b41e379eb63cf215a52ae159f210dbe58ab9e6d9b3e84f6c908d3e80da7a3c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 153407
fly-request-id: 01FM4D44SK4EGJ6G6S5KZ6R7N4
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"18a-uOya/8egEg2FQ/RlJGizYQt9zWA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6acc4f726db4c277-FRA

Redirect headers

date: Fri, 12 Nov 2021 02:25:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FM8ZD4XBHNE2VC760SEHYG1J
server: cloudflare
age: 20
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /tippy.js@6.3.7/animations/scale.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6acc4f724d95c277-FRA
access-control-allow-origin: *

GET
H2 200 All.min.dac687947a9f84295bac32653b813337.gz.js Show response
d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/ 539 KB
151 KB 11ms
11ms Script
text/javascript 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/All.min.dac687947a9f84295bac32653b813337.gz.js
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a62a195b293cb64d2210b9ff1b3eb5bf4c0a3b93df529a53fa44f0c90561d082

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:23:26 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 18:33:56 GMT
server: AmazonS3
age: 4345327
etag: "0cf920818bbd06dc999622e34fea9f9b"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 153706
x-amz-cf-id: FhGgbi8XTGN-jRgX_XDnBevXihnELWGqFA5GNUV3kRkpnwKch99a3Q==

GET
H2 200 All.min.69291f2dd274c487402551172ea31741.gz.css
d19d5sz0wkl0lu.cloudfront.net/resource/ 911 KB
133 KB 62ms
12ms Stylesheet
text/css 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6d0cbbd4b98e42144157dfca58e735ed256ea70f70483c26b2b5c365717a3b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 04:26:38 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 18:04:14 GMT
server: AmazonS3
age: 6559135
etag: "2d7817861a8ba3fe850958d03a7da480"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 135263
x-amz-cf-id: 6s6jP-lMMUDq2-URF2A31uLXYOcbpo4xsR3AS9pRSAPKoYjOg0pv6w==

GET
H2 200 Fonts.min.6264572058d535782fe7007b43c0076e.gz.css
d19d5sz0wkl0lu.cloudfront.net/resource/ 8 KB
2 KB 57ms
8ms Stylesheet
text/css 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/Fonts.min.6264572058d535782fe7007b43c0076e.gz.css
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9bfb5242b9e81314450cf0e737906cc5fd97c54dbc8f024daabe64bc310b8b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 05:46:27 GMT
content-encoding: gzip
last-modified: Thu, 25 Apr 2019 15:49:06 GMT
server: AmazonS3
age: 9664746
etag: "dc862fc682d104b438dc0ba86c1137e4"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1632
x-amz-cf-id: CrWcsXxQx7WrZZAez75QXAX9-gOR5fmoVmrsiIgvCKy8DUxbKcxavQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 54ms
15ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

5f045a02ac49edc45abbfaf1b3c260c7ac7e0193456be4f1dc81b345c0d7a507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1041 / 670 of 1000 / last-modified: 1636672001"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26943
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Nov 2021 02:25:32 GMT

GET
H2 200 tdx.js Show response
d2suo6y6ick5ug.cloudfront.net/tdx/ 2 KB
2 KB 40ms
9ms Script
application/x-javascript 143.204.101.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2suo6y6ick5ug.cloudfront.net/tdx/tdx.js?v=1
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-35.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8258025a52d6a39d0e785515c413aaff00fccf50630654e0545907c28992530

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Thu, 26 Jan 2017 00:16:43 GMT
date: Thu, 11 Nov 2021 04:21:14 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Mon, 10 Apr 2017 20:37:09 GMT
server: AmazonS3
age: 79458
etag: "45eb137d6a5ffba1d53dbacf5a448a06"
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1875
x-amz-cf-id: 7TjqR0P4kMv9kYz0P8UBl7Mhk8S8MkP0ocia2DZfFNAfCaeCcNPawg==

GET
H/1.1 200
OK 2.190dfa08.chunk.css
s3.amazonaws.com/files.astd.org/public/static/css/ 9 KB
9 KB 427ms
125ms Stylesheet
text/css 52.216.138.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/files.astd.org/public/static/css/2.190dfa08.chunk.css
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6808606f67ead23715cb9cb39b526193616113b8e5728b7ee36eb659bfc4f81a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 02:25:33 GMT
Last-Modified: Fri, 12 Mar 2021 03:01:57 GMT
Server: AmazonS3
x-amz-request-id: KPZQDYMFDYQ5JDHG
ETag: "d5d6e84c9bb2f92342b116507f07c519"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 9354
x-amz-id-2: qWPJEVFKlB7cBeeMiJQ2Gq+dp5762c6nLFQcip6Hga+Q9U0FYDntGJJtR4V0y3HhflmkQKkg58M=

GET
H/1.1 200
OK 2.336f8669.chunk.js Show response
s3.amazonaws.com/files.astd.org/public/static/js/ 4 MB
4 MB 426ms
119ms Script
application/javascript 52.216.138.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/files.astd.org/public/static/js/2.336f8669.chunk.js
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8c7787c3a784efd64314202ef49eb5a274825d80cfa8b0fcfe2039ca8f311e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 02:25:33 GMT
Last-Modified: Thu, 07 Oct 2021 00:01:50 GMT
Server: AmazonS3
x-amz-request-id: KPZKGK1XHHJ1DATV
ETag: "063366b87bcc635ab04c9945ef8db8c0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4209463
x-amz-id-2: CVlfdrDtrorSm1Vd7Cao0dxY4ctndMsO7VOjnanskdYd3jKgftuWfM8r9NKlQX76E/AsIRGlFLU=

GET
H/1.1 200
OK main.f034c2aa.chunk.js Show response
s3.amazonaws.com/files.astd.org/public/static/js/ 900 KB
900 KB 437ms
127ms Script
application/javascript 52.216.138.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/files.astd.org/public/static/js/main.f034c2aa.chunk.js
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d14d183511e8d8ac1bf94246195e7ccd3ca0c4ae4e9bff44e8c22c2474ed0077

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 02:25:33 GMT
Last-Modified: Thu, 07 Oct 2021 00:02:04 GMT
Server: AmazonS3
x-amz-request-id: KPZSVEW1M5G5VJC9
ETag: "bf6248923cbaf61eb75c916df6e1ef47"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 921196
x-amz-id-2: MuJeQ0UcS+O48ucRtw/FTGUUT/ebPqQCD2KyQTWcG4eeeFKU1Nf/KRJUqvF7G5IJofG43DGd14g=

GET
H/1.1 200
OK 28b2b89e-035b-4e87-b252-b4a0507f42e0.js Show response
optanon.blob.core.windows.net/consent/ 119 KB
19 KB 141ms
36ms Script
application/x-javascript 52.239.137.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://optanon.blob.core.windows.net/consent/28b2b89e-035b-4e87-b252-b4a0507f42e0.js
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 74c26e537842a63c8b131702b446c6c5f0f4bc022703a4df1494113812b73335

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 12 Nov 2021 02:25:32 GMT
Content-Encoding: GZIP
Last-Modified: Thu, 18 Jul 2019 17:54:56 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Gk8rAQCspWLdzkiJoHUCtg==
ETag: 0x8D70BA90B76DC06
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 0aef931b-501e-010e-706c-d772b8000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=14400
x-ms-version: 2009-09-19
Content-Length: 18339

GET
H2 200 analytics.js Show response
www.td.org/styleguide/ 2 KB
846 B 422ms
421ms Script
application/javascript 2606:4700:10::6816:4f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.td.org/styleguide/analytics.js
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Brightspot
Resource Hash: ef7980c585421d1ea00766e57b4ee23676823bebf4c5619e8779d8e5ad481987

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 22 Sep 2021 02:06:04 GMT
server: cloudflare
x-powered-by: Brightspot
etag: W/"2058-1632276364000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6acc4f723c29374e-MXP
content-length: 697

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1466
date: Fri, 12 Nov 2021 02:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 12 Nov 2021 04:01:06 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/ 89 KB
25 KB 232ms
177ms Script
text/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810e25ccf5444427aeaf905afc9fc0ad24eeccbb4bc22de7c3572a978a772a77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: hFzwziRSIxcdMG4BU3B4ONdGA8lEqbOA
content-encoding: gzip
etag: W/"4ea2478c1478d2ac1b56c876bd915cab"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 10 Nov 2021 06:54:30 GMT
server: AmazonS3
date: Fri, 12 Nov 2021 02:25:33 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: 2dxhQPv4s3Zs3STtmEqDp7uk6Fx6XmRXxpH62jPjHQbtuzLrHNp5sw==

GET
H2 200 fsa.js Show response
analytics.formstack.com/js/ 53 KB
13 KB 61ms
9ms Script
application/javascript 2600:9000:2156:6600:6:4f98:bc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.formstack.com/js/fsa.js
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:6:4f98:bc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3932e62b4ca1e14d91eaeff13bc9b5c8519b08083bd2f6748fd44877693f526

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 01:46:23 GMT
content-encoding: gzip
last-modified: Tue, 17 Apr 2018 16:12:22 GMT
server: AmazonS3
age: 3032
etag: W/"b33155f4d362b9a36ea18bee95c0797a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: dz89r9QvVehsqdbiz8-hB_T6RtGD1LKcreE7UxKw0V5lQ7eAfM5yxg==

GET
H2 200 whitneyhtf-semibold-webfont.2f36b63fdb78ec8fd5fa136211653889.woff
d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/fonts/ 24 KB
25 KB 34ms
14ms Font
application/x-font-woff 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/fonts/whitneyhtf-semibold-webfont.2f36b63fdb78ec8fd5fa136211653889.woff
Requested by: Host: d19d5sz0wkl0lu.cloudfront.net
URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 528d1ff7a7d47780f4bf0ab28b55aa1f0dca82343a2b45fe4aead20af63f7499

Request headers

Referer: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
Origin: https://www.td.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:06:46 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
vary: Origin
age: 13504727
x-cache: Hit from cloudfront
content-length: 25072
last-modified: Thu, 25 Apr 2019 15:49:05 GMT
server: AmazonS3
etag: "42a32408fa31bca091133959c2be3fdd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 6Dnef-ZH6gq3L_SL0n5Oci3H-W2b_RnGybSA7h5sXF2A7OxV1b5xCw==

GET
H2 200 whitneyhtf-medium-webfont.dc3291ff0cd974e144bf1ec6f26ff046.woff
d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/fonts/ 24 KB
25 KB 37ms
18ms Font
application/x-font-woff 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/fonts/whitneyhtf-medium-webfont.dc3291ff0cd974e144bf1ec6f26ff046.woff
Requested by: Host: d19d5sz0wkl0lu.cloudfront.net
URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4736a9f0dc07755d17719c58453b8d01c6dd4fa1efaf6e718fe15135cfe8794c

Request headers

Referer: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
Origin: https://www.td.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:06:46 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
vary: Origin
age: 13504727
x-cache: Hit from cloudfront
content-length: 24648
last-modified: Thu, 25 Apr 2019 15:49:04 GMT
server: AmazonS3
etag: "f7268416af3e461938aec4a178a1371a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: tXvAeNs8Osmd-xIE1ofVUo_-HjCjkkiz_crrzCskhL7X5kR1iXIrcQ==

GET
H2 200 whitneyhtf-book-webfont.ce7699bbf0efdd51f8938bc47963b47d.woff
d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/fonts/ 24 KB
24 KB 40ms
21ms Font
application/x-font-woff 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/fonts/whitneyhtf-book-webfont.ce7699bbf0efdd51f8938bc47963b47d.woff
Requested by: Host: d19d5sz0wkl0lu.cloudfront.net
URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1ccde1698c49dad6c2cbae7d1c8187a42268ccb80387a5bf3561f90f0bba488

Request headers

Referer: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
Origin: https://www.td.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:06:46 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
vary: Origin
age: 13504727
x-cache: Hit from cloudfront
content-length: 24448
last-modified: Thu, 25 Apr 2019 15:49:03 GMT
server: AmazonS3
etag: "101ad7dc3ff4b8826b944f54468fada5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: DPtlcGO-ikQKCLAQJjA8AUQZ2__okKWjTY8VWZOZsSlfyyTYUx29WQ==

GET
H2 200 whitneyhtf-bold-webfont.98775f3e97dd10a76916e4fec41ba5f3.woff
d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/fonts/ 25 KB
25 KB 42ms
23ms Font
application/x-font-woff 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/fonts/whitneyhtf-bold-webfont.98775f3e97dd10a76916e4fec41ba5f3.woff
Requested by: Host: d19d5sz0wkl0lu.cloudfront.net
URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31d82c559174131618f95648c26d1b5e6095ae5fa5f6b984eba8cd76fe765259

Request headers

Referer: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
Origin: https://www.td.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 03:01:13 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
vary: Origin
age: 23930660
x-cache: Hit from cloudfront
content-length: 25436
last-modified: Thu, 25 Apr 2019 15:49:03 GMT
server: AmazonS3
etag: "df28312f072c9fc701322096f83fcbc9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: PJxGML8EdxRCYh8zOS8TbbjqEmYTHvjzRkcZg1LhWBFVzJoEuGi0yg==

GET
H2 200 icomoon.4559408e67be4308a4386e9207a9fec0.ttf
d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/fonts/ 27 KB
9 KB 28ms
9ms Font
application/x-font-ttf 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/fonts/icomoon.4559408e67be4308a4386e9207a9fec0.ttf?7gh8zs
Requested by: Host: d19d5sz0wkl0lu.cloudfront.net
URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a80f59974c5ccd387deec03610ed74dca814b0b9b42154efc24b763baf41ab25

Request headers

Referer: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
Origin: https://www.td.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 04:26:40 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 6559133
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 25 Apr 2019 15:47:46 GMT
server: AmazonS3
etag: W/"7d61ac0763ae90ea8bc89fdde38810a4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-ttf
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: krE_3mbQ4QYCALne3bx_bv1GcquSEx6uq4uoXubXd-_umTKeihRplw==

GET
H2 200 hotjar-338957.js Show response
static.hotjar.com/c/ 8 KB
3 KB 89ms
44ms Script
application/javascript 143.204.98.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-338957.js?sv=6

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-93.fra50.r.cloudfront.net

Software

Resource Hash

51f0fcf2f2562dc8ab3e58a0ca388bc4b033adc36f2a7efcb51f0b25e5ba5b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/190ef8718acbf49ab1df6272382eeaa7
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 3D4qXpCsOEDtVMZF_0wr6PUlHnatDeliXsEIyREVTef32nxtm7zCvA==
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)

GET
H2 200 /
d19d5sz0wkl0lu.cloudfront.net/dims4/default/f39a4f8/2147483647/brightness/-16x0/brightness/0x3/thumbnail/720x250%3E/quality/90/ 7 KB
7 KB 10ms
10ms Image
image/jpeg 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/dims4/default/f39a4f8/2147483647/brightness/-16x0/brightness/0x3/thumbnail/720x250%3E/quality/90/?url=https%3A%2F%2Fatd-brightspot.s3.amazonaws.com%2Fef%2F89%2Ff4e859044150b4c5ebc9df3979a7%2Fmary-free-bed-rehabilitation-hospital-textured-background-orange-gradient.jpg
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a4ddb19a724fe9ddb3ef72c31d2eea21840f495220dc653909340b8cd70692c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 20:34:37 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Apache
age: 2353854
etag: 0cc7a86dc77d6478dcb0f1cc6afc536a
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-robots-tag: nofollow
content-length: 7148
x-amz-cf-id: gSDWqD7Z1UTeQ2NdSn39mYJefElC6Esogt4ZxyVGbaV3f4wTaHMu0g==
expires: Sat, 15 Oct 2022 20:34:38 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 01:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 Nov 2021 02:49:06 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 Nov 2021 03:10:17 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 97 KB
38 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TQBJLSN&cid=491276104.1636683933

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74fb6fd562fa0fbbd20a46d709187a3bf572b52fa071c2a4f8482f864bc1a0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38240
x-xss-protection: 0
expires: Fri, 12 Nov 2021 02:25:32 GMT

GET
H2 200 pubads_impl_2021110901.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 15ms
15ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118212
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 09:34:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Nov 2021 02:25:32 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 29 B
69 B 31ms
16ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.td.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1564be87420b33b11c47cf2b30d816bfc5735397b5f82a3d0916b05ea17a6e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 02:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45
x-xss-protection: 0
expires: Fri, 12 Nov 2021 02:25:32 GMT

GET
H2 200 modules.dad547d55d09325865c9.js Show response
script.hotjar.com/ 224 KB
59 KB 40ms
9ms Script
application/javascript 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.dad547d55d09325865c9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-338957.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-33.fra50.r.cloudfront.net

Software

Resource Hash

d9ebe24a565a41a87adc5de5b4c0e8ca3d478af54d64d315c32ad0425ce991ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 17:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118766
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60319
access-control-allow-origin: *
last-modified: Wed, 10 Nov 2021 17:25:15 GMT
etag: "20ec4d522a02fcf0254cd43ea667f540"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: t6aEqwrMBZI7v4lqmYp5kUkIQIoG4Ja60oGhSlTJQpBgCG0bJw_zGw==

GET
H2 200 /
d19d5sz0wkl0lu.cloudfront.net/dims4/default/6b733f9/2147483647/thumbnail/720x405%3E/quality/90/ 32 KB
33 KB 11ms
10ms Image
image/jpeg 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/dims4/default/6b733f9/2147483647/thumbnail/720x405%3E/quality/90/?url=https%3A%2F%2Fatd-brightspot.s3.amazonaws.com%2F4e%2F44%2F76d6a027487ca9c8921360092567%2Fnong-vang-9pw4tkvt3po-unsplash.jpg
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 93a9d9d5a4ab5dcdb27f996468a6d5f09b7d4a4d784aadbf95ffd69809740566

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 15:46:37 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Apache
age: 124735
etag: eb837cb8cb3816ffba50af7908efad5e
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-robots-tag: nofollow
content-length: 33176
x-amz-cf-id: tMCW5lPfy5QBBDfhM4TCKZUv7xvf5OHDOerfpBNQ6lAQqGtvjQqbjg==
expires: Thu, 10 Nov 2022 15:46:37 GMT

GET
H2 200 /
d19d5sz0wkl0lu.cloudfront.net/dims4/default/86d4562/2147483647/thumbnail/210x120%3E/quality/90/ 33 KB
33 KB 12ms
11ms Image
image/png 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/dims4/default/86d4562/2147483647/thumbnail/210x120%3E/quality/90/?url=https%3A%2F%2Fatd-brightspot.s3.amazonaws.com%2F97%2Fab%2Ff7f2ee2e4012ad8c8e95bd104013%2F1139-thumb-2.png
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 0915fb8fdb9fdb4aba717bb0112ddd88196770320825c5c05e115e99ad4ff29b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 15:46:37 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Apache
age: 124735
etag: 9ba09dfb3254dca7c173cec4bcbcbb6e
x-cache: Hit from cloudfront
content-type: image/png
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-robots-tag: nofollow
content-length: 33481
x-amz-cf-id: N_iUWr49xd7gVTxWvmeQDHJyLJY3_CQRRAQMzXAcyj95m383d1DxSA==
expires: Thu, 10 Nov 2022 15:46:37 GMT

GET
H2 200 /
d19d5sz0wkl0lu.cloudfront.net/dims4/default/cccfef4/2147483647/thumbnail/210x120%3E/quality/90/ 9 KB
9 KB 10ms
9ms Image
image/jpeg 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/dims4/default/cccfef4/2147483647/thumbnail/210x120%3E/quality/90/?url=https%3A%2F%2Fatd-brightspot.s3.amazonaws.com%2F68%2Ff2%2F82f84b0e4026829b37fc4bd6aff2%2F1-017lic2-xgrt45gyldcmmw.jpeg
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 53682d5e13eeda49ac7d909151825a7ace02687f08e670d8d92e4b24f338f74f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 18:17:14 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Apache
age: 202098
etag: d5f6e70fa4171e053061c9d3744fe478
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-robots-tag: nofollow
content-length: 8852
x-amz-cf-id: vbPNhQJebyVhdxSdCqAzt7m1m0a8C1SCJ1HUDiiMqO6AapH0nQIrCg==
expires: Wed, 09 Nov 2022 18:17:14 GMT

GET
H2 200 /
d19d5sz0wkl0lu.cloudfront.net/dims4/default/c448862/2147483647/crop/1400x800%2B88%2B0/resize/210x120%3E/quality/90/ 6 KB
7 KB 11ms
10ms Image
image/jpeg 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/dims4/default/c448862/2147483647/crop/1400x800%2B88%2B0/resize/210x120%3E/quality/90/?url=https%3A%2F%2Fatd-brightspot.s3.amazonaws.com%2F4f%2Fd6%2Fd6c2a32f40e8853e8d08821a0076%2Fsotd3snapshot-fall21-ctdo.jpg
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 100ee80fed6ae64ba04a7067d73e92b4d9988d07f25dc311220572ddb26a4a2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 19:55:28 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Apache
age: 282604
etag: d49f7d4f277ee80e0af8749255490524
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-robots-tag: nofollow
content-length: 6423
x-amz-cf-id: z-3Uw16GbZ19bjalsMq9VhPMaVf6qNvE3kNIOUgWFKEiLWabLvkUYg==
expires: Tue, 08 Nov 2022 19:55:28 GMT

GET
H2 200 /
d19d5sz0wkl0lu.cloudfront.net/dims4/default/8ebf483/2147483647/thumbnail/210x120%3E/quality/90/ 11 KB
11 KB 15ms
14ms Image
image/jpeg 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/dims4/default/8ebf483/2147483647/thumbnail/210x120%3E/quality/90/?url=https%3A%2F%2Fatd-brightspot.s3.amazonaws.com%2Fa7%2F82%2F806d9ffd46d99e7965a9269b7c9d%2Fweb-design-concept-outlining-page-flow.jpeg
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6eda1593a088e77f6f338561b24051361c702f9046c8d3154450619fbacc925e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:34:13 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Apache
age: 309079
etag: 98b0df7822663e134be953d256cc4cb9
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-robots-tag: nofollow
content-length: 11115
x-amz-cf-id: b9wdp11y109BmScCqpNk9Me_gEZ-nB_c9ex20tm_YcVegrJGFzGCgg==
expires: Tue, 08 Nov 2022 12:34:13 GMT

GET
H2 200 /
d19d5sz0wkl0lu.cloudfront.net/dims4/default/9dad7ab/2147483647/thumbnail/720x405%3E/quality/90/ 49 KB
49 KB 16ms
15ms Image
image/jpeg 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/dims4/default/9dad7ab/2147483647/thumbnail/720x405%3E/quality/90/?url=https%3A%2F%2Fatd-brightspot.s3.amazonaws.com%2F96%2F8c%2Fda4830394f3dba34ae417fc90f73%2F492856480-ci-brandawareness-ads-720x405-2.jpg
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 4cb2c4a73e816ed4cc66bd87a862b7240c5dc6f790039d31a1129dd9144a5c8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:09:47 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Apache
age: 288945
etag: e0ea760eaa48d66b90de9de2b6f4a70b
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-robots-tag: nofollow
content-length: 49684
x-amz-cf-id: pq3pIPBCyhuT19dUZoc-PE-sEQoQPgamLZOzbI7paAVQWw4kU9pE8g==
expires: Tue, 08 Nov 2022 18:09:47 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
179 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=61405059&t=pageview&_s=1&dl=https%3A%2F%2Fwww.td.org%2F&ul=en-us&de=UTF-8&dt=ATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEIrRAAAAC~&jid=1873628207&gjid=958502188&cid=491276104.1636683933&uid=6B5FBC6E1E3442C59C994139D7E22496&tid=UA-27831435-1&_gid=1601211623.1636683933&_r=1&_slc=1&cd6=6B5FBC6E1E3442C59C994139D7E22496&cd4=false&cd7=0000015b-aac3-dcc7-ab5b-bee3e4cb0000&cd13=02%2F14%2F2020&z=1885764159

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.td.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 02:25:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.td.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 79ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.td.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 02:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 52ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.td.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 02:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
19 KB 56ms
56ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1076673873431236&correlator=1307217650153349&output=ldjh&impl=fif&hxva=1&scor=4117600193129995&eid=31063704%2C44754276%2C31062931&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211112&iu_parts=14020868%2CATD_Super_Leaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&prev_scp=logged_in%3DN%26templateid%3DHome%2520Page%26pageid%3D0000015b-aac3-dcc7-ab5b-bee3e4cb0000&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636683390&dt=1636683932796&dlt=1636683932476&idt=294&frm=20&biw=1600&bih=1200&oid=2&adxs=230&adys=620&adks=4115206101&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.td.org%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1140x30&msz=1140x0&ga_vid=491276104.1636683933&ga_sid=1636683933&ga_hid=61405059&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b46c99b0ab99ea411bb99b8b17ed07ed74c5e40ba005b886c614b5a536652917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
x-xss-protection: 0
google-lineitem-id: 5824369647
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138370172266
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.td.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
16 KB 52ms
51ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1076673873431236&correlator=4126858138006450&output=ldjh&impl=fif&hxva=1&scor=4117600193129995&eid=31063704%2C44754276%2C31062931&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211112&iu_parts=14020868%2CATD_Video_Super_Leaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&prev_scp=logged_in%3DN%26templateid%3DHome%2520Page%26pageid%3D0000015b-aac3-dcc7-ab5b-bee3e4cb0000&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636683390&dt=1636683932801&dlt=1636683932476&idt=294&frm=20&biw=1600&bih=1200&oid=2&adxs=230&adys=2086&adks=1028915960&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.td.org%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1140x30&msz=1140x0&ga_vid=491276104.1636683933&ga_sid=1636683933&ga_hid=61405059&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

65b71260aaf2902a4bedc0408a564fd6ebb5bbde78a9867b38bfa709dcc2c24e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
google-lineitem-id: 5822696088
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138361309395
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.td.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
31791c57abdf2cfd3457cbea44eea327.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8DF3 6 KB
4 KB 69ms
14ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31791c57abdf2cfd3457cbea44eea327.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 02:25:32 GMT
expires: Sat, 12 Nov 2022 02:25:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27831435-1&cid=491276104.1636683933&jid=1873628207&uid=6B5FBC6E1E3442C59C994139D7E22496&gjid=958502188&_gid=1601211623.1636683933&_u=aGBACEIqRAAAAC~&z=42243752

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.td.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Nov 2021 02:25:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.td.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/ 10 KB
4 KB 27ms
11ms XHR
application/json 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4d1097235e3d62bdc801199ce2e2a78d72c8ec112952e9b7ccb348f2f3015fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: xETZT2hEBDt.f23HGdEEoiEMRS5ZzyTE
content-encoding: gzip
etag: W/"61c0bf2b6caa558985964902c8138c2f"
age: 1275
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 02 Nov 2021 15:01:43 GMT
server: AmazonS3
date: Fri, 12 Nov 2021 02:04:18 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: public, max-age=10800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ekDHOamlz28o_qExm7BbCLgX3Dw_1wPr_4MQMWktN3cGg1Hr90L0Pg==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 13AA 0
0 43ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZiAArTat7Rbp1ET_lnyQOSZAVoOWdUqS7x7b6JxZCLF6FTXlLE6gXqajQDaQjUI_OdWK5VtufUhMLepX-DiE9DL8UQnau2HSBOGuegwn3R3B1sNjqTb84XBcXcV5ODaU4293SwMKBSLhgTK7el3zGxU_maqRx1a4ue1LWgl80rdbWmfZfn49BYhpbkAkodZRSjMaPbFk4KqhRBJg4e4tQuMWefhopH3x3odgvViuuh2Oe7yzleCjf7YDtBGk1WzM0t4bvUdyB9QlwO6YJ5LZn4rEbdisIKoiMgd_eaoTUGcYE0GfWC9EnWqB9wYn0_ffANw&sai=AMfl-YQYg3K8iP76p5Wcv0wxOd0r6kZvi9k_jZxQ1mx6WIAoJyLOqGgKoKGbxbwBmReqJzqrIzr6dPm32YgimcJOw9oboddL45WrT7wnvpQY5VmRAA3FZmYg-HY98Qft44w&sig=Cg0ArKJSzLDb8CwuJa50EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 02:25:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 12 Nov 2021 02:25:32 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 13AA 19 KB
8 KB 62ms
5ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 02:12:44 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 13AA 2 KB
1 KB 67ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 01:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 01:52:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 13AA 119 KB
37 KB 49ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Nov 2021 02:25:32 GMT

GET
H2 200 13826443355365288789
tpc.googlesyndication.com/simgad/ Frame 13AA 75 KB
75 KB 67ms
11ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13826443355365288789

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

453ceca4cb76352b2bb70f1fe11d9d56e2c0ffd75e10b350f8c59d7955ba3e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 14:03:31 GMT
x-content-type-options: nosniff
age: 130921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76299
x-xss-protection: 0
last-modified: Fri, 28 May 2021 17:31:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Nov 2022 14:03:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 817B 0
0 65ms
65ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW9tVeSF80ogvbBFmvCgGtzzTwztIII0ijgarE3SL3HcsglX-2OVE0V4k5bp7RhEJeXIDfDwG_4pVy5WeJVdSuOGnLy7aDR4FeDfn6L8qrDA6Ayg6szFfgTCPT2c9r7nkKAJK2-Q7zxTd4i_EsoHp8tVXBue4S7du3vJFBDv02MDHRA52-RzQsMdvxcZtWToAg8ejbY5G3ZQBB2C7nQPg8R9k7HAlDg8vRfUxmUs0F-9tWHX-v0mPEkQpGlUinHQb2YwDckPanJgb8QYvy5JfMpq__0SuSHhdRHlJATrasBaGsbuWC9pMiq4BzlQ&sai=AMfl-YRP61uNKiBSjxBhjgQl9hSnxzANxwBZjvdS_vFA-GFS_0xfebcVusgRFRMZbFvHQAStgy-Ea2MUrxDuHDFIoFynkm3_N3SbZenSI2YATnqD3z-wRD9Q2rtc43RNEW4&sig=Cg0ArKJSzA6SQeHv0WUDEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 02:25:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 12 Nov 2021 02:25:32 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 817B 19 KB
8 KB 53ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 02:12:44 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 817B 2 KB
1 KB 55ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 01:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 01:52:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 817B 119 KB
36 KB 45ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Nov 2021 02:25:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 817B 0
0 39ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbM0oEclyM3v5QH79srszqDjAGhLpXjMOLdOnzz01d9lc6_9VfsLls7ueCtlHsZwQw00B6A4B4BbkCHZiUk552Emsx3Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 6820019169901254601
tpc.googlesyndication.com/simgad/ Frame 817B 74 KB
74 KB 60ms
16ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6820019169901254601

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09406c4489f5b31f50d9e94da0b254121bf0bdb9e079c82d53a8734ac7cc321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:47:25 GMT
x-content-type-options: nosniff
age: 196687
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75791
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 18:44:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Nov 2022 19:47:25 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
324 B 41ms
20ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27831435-1&cid=491276104.1636683933&jid=1873628207&_u=aGBACEIqRAAAAC~&z=687857446

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 02:25:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 42ms
20ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27831435-1&cid=491276104.1636683933&jid=1873628207&_u=aGBACEIqRAAAAC~&z=687857446

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 02:25:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 130.bundle.55742ac9337d9e12bdd6.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 7ms
7ms Script
application/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/130.bundle.55742ac9337d9e12bdd6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98cfbc4941d976520dde0a548b87b499e1c0454f9bc38aeb581b9e13b1e219a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:42:05 GMT
content-encoding: br
vary: Accept-Encoding
age: 1122208
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 23:16:36 GMT
server: AmazonS3
etag: W/"c32e07e36ae390e42c9cea85fcb9bb33"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: UvSxvdHgsDlPO8OsHFG8aObTtbAtOVjt
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: Lghod33hAq74it2k2VhlPOsTeLQ8tCxZld93bc_OVujiTrFtMmfv5w==

GET
H2 200 ajs-destination.bundle.36b90a11867ae217be52.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
3 KB 8ms
8ms Script
application/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.36b90a11867ae217be52.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4397a57f8357b3b0371c6df32a62b87eaa43218c42fa538fb34980bfb0b20a78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 11:40:37 GMT
content-encoding: br
vary: Accept-Encoding
age: 830696
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 23:16:36 GMT
server: AmazonS3
etag: W/"605f393e8c3fbadf09528d469743232e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: FjBsbHA.8FN2h5.3COmnYMKZvuK7a99Y
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: juVjHaDbnMRxqNqVR4R-lzHujrx3a9inks1Yp4LLRfd_yfSRKm6KGg==

GET
H2 200 linkedin-insight-tag.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/ 2 KB
2 KB 8ms
8ms Script
application/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bd6628e4b4023608f91392be7d69fbe287d178db35745fe031adedf8d85f877

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 23:25:03 GMT
content-encoding: gzip
age: 3380430
x-cache: Hit from cloudfront
content-length: 1064
access-control-allow-origin: *
last-modified: Tue, 28 Sep 2021 23:16:38 GMT
server: AmazonS3
etag: "b13fc6c7039dc583c45f61feb378c0f4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: Wnd16IGD2d8CoQ9J_07_lEfvFK13STcz
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: SbLBjy1DMG2LFm6C48cvYjcPyFEEY4IrkGmH0Ka58pg2ibMhYEieWA==

GET
H2 200 appboy.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/appboy/1.16.1/ 18 KB
5 KB 9ms
9ms Script
application/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/appboy/1.16.1/appboy.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06f66f419a7bd47d642fe40cee02fea6e5d10023f2b7ba696e4695888c5190b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 23:19:08 GMT
content-encoding: gzip
age: 3639984
x-cache: Hit from cloudfront
content-length: 4668
access-control-allow-origin: *
last-modified: Tue, 28 Sep 2021 23:16:38 GMT
server: AmazonS3
etag: "f363c9d8c56a6cd41d7d1ddc59ff3f96"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: AKe0cEO6.IyqnPL9sOJSq9q_Gcvpa9M6
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: QxXLQW8bj2ySlEJpVrThQgGZemYJdTEDCNq554yg6TbfmA7EF_0C_g==

GET
H2 200 adwords.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/adwords/2.5.3/ 4 KB
2 KB 8ms
7ms Script
application/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/adwords/2.5.3/adwords.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c29a52c564bef2d326c8723396c01258f2d4ed22b85af4c5de81de5ee18180ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 22:27:57 GMT
content-encoding: gzip
age: 13924656
x-cache: Hit from cloudfront
content-length: 1356
access-control-allow-origin: *
last-modified: Thu, 03 Jun 2021 21:05:54 GMT
server: AmazonS3
etag: "fd94a496d6261d96c2a0a8a3d4f1d858"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: J3_FXWgB2bmCPA6q38UoM.GiDeJQELLr
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: L7NVlaFaZ1X-025ElihwboLATRtTQ1o5dmTVpaEFYv9wfTzFwTqa7Q==

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.4/ 10 KB
4 KB 9ms
9ms Script
application/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.4/facebook-pixel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09d71848005e2a44102e11442fccc6b1429039cbd02c66cce4d96db18132d68f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 23:24:04 GMT
content-encoding: gzip
age: 3380489
x-cache: Hit from cloudfront
content-length: 3272
access-control-allow-origin: *
last-modified: Tue, 28 Sep 2021 23:16:38 GMT
server: AmazonS3
etag: "ab115bd9059fb5e919474aa3bf6be638"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: VkqnfOaJQM76tlr6HwRJ7qjSNtV7saEm
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: TzBPaFENCawItDjnDK8-BTrLZ9TC8jcc03Dl4lYHmwI9w9MLZVEVmA==

GET
H2 200 visual-tagger.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 45 KB
16 KB 10ms
10ms Script
application/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78da1701130cff315a738309e9a1636114a0261cdc64f8ee6785575457110a85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 22:39:31 GMT
content-encoding: gzip
age: 2346361
x-cache: Hit from cloudfront
content-length: 15524
access-control-allow-origin: *
last-modified: Tue, 12 Oct 2021 23:21:30 GMT
server: AmazonS3
etag: "bcf86fcfccfb75beafabde13e5cb2120"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: WmrjfFym.leFtoIjoAV90nfXfDS21kw.
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: EQUsMOEQL4wG0HTaBnR_Oh7Blf8A0N3h9RVSAPJsBWEWam9tljiXNw==

GET
H2 200 twitter-ads.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/twitter-ads/2.5.2/ 5 KB
2 KB 11ms
11ms Script
application/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/twitter-ads/2.5.2/twitter-ads.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8a7e9f048c30e7f75c75176225123a60adaa05afa3587de2726ca8013a8a005

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 23:14:05 GMT
content-encoding: gzip
age: 3640288
x-cache: Hit from cloudfront
content-length: 1973
access-control-allow-origin: *
last-modified: Tue, 28 Sep 2021 23:16:39 GMT
server: AmazonS3
etag: "cbe61cc0a51814680c783e0c643c80c7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: nEC5Q6vtg875uLu2opYWRywyWpdu5Gt0
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: DolEAQ4zveAo-C0zTC_7sgpwBCsmaz3Q_uvzYXqtXdZMcN1zUAiqnA==

GET
H2 200 commons.dddbd6a06577f22e5c7f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 11ms
8ms Script
application/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.dddbd6a06577f22e5c7f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ad7b91941f455bd1260b2d44ab9de7b3cfc1fff40fb56c4798afef02d8d012e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:25:01 GMT
content-encoding: gzip
age: 8334032
x-cache: Hit from cloudfront
content-length: 22055
access-control-allow-origin: *
last-modified: Mon, 02 Aug 2021 21:35:35 GMT
server: AmazonS3
etag: "a58c4402066684684bff5837e7b5fe12"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: zkm5nKHdYX074QnkKX8hTl4BnbVqYwQ1
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 1L6m2foqUmYJ9G_QshVBT-KyXZoy_9vQ2HKaqMAG1e-6NAWrhC26yg==

GET
H2 200 commons.3495c86769f191d6894f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 14ms
13ms Script
application/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b5e884ac6bca471440d62a21038e1b0342c4bc6e840388256b5f4137c2e666e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:50:32 GMT
content-encoding: gzip
age: 5510100
x-cache: Hit from cloudfront
content-length: 22175
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 21:35:44 GMT
server: AmazonS3
etag: "97bdd3686696ee0e0f60bfaaa6b5693b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: ycGBqmRQJe7ubt596zlSYLfgMdBxARsQ
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 4PV6R0ap7NZ-fJzgwGCyoQMbIOXYIk_Xu5HoFbqAIai4fX8bFQUAyQ==

GET
H2 404 gtm.js
www.googletagmanager.com/ 0
0 39ms
15ms Script
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=%REACT_GTM_ID%
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 13AA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6255e08ec3283e0c5d5320814ae89fef9dc907528a56a914f5737bbd3c480bb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 817B 0
0 42ms
41ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst27xz1DE0xoiLfNXv6Q9YjciQTLbNbDMHbq9LqKwHfsXz3HodPF_7YF7yR_4XJOhmbmcz-wZhYvhkG3OHoPOxGV5ELJoIcSyt_9n65st5-NaHEuPUygdYgvGLv9F7n6-wSTgwbGZRzhuRtIJcb_w0YtxG3ZMdcLlT1JWZ6Ti4-un-0j2qPvkAOS41UcguHL2ixvEiFMCYCeKxN_gIPX-I2ZGnXy3Fh6TbOMQb5vNtrN9k1XFqDeL3H8Igz5i6ODlYo88LU2BFINBgR3SCD1viL8rPGB90EaGPP30S_KM-gLm9lKeEXapfXnWMJcI9C&sai=AMfl-YTPpsi7u5TO0zzl5AuzNTQpo4fKTImy44XF3ROrXRMAiCQs7nngE5VlPwSTBKF80hYnxjcq2pBb5bm4bjqly-mIuf4YiKhCQhKbZSpiJLhwaqZyGv_IgI8JGtW6fWQ&sig=Cg0ArKJSzGgL1vIrzspUEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 02:25:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 12 Nov 2021 02:25:33 GMT

GET
DATA 200
OK truncated
/ Frame 817B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f02c316d98e7c14bcbc6f6a72d31f4f1644818a6771f14535cb1676812bda947

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 13AA 0
0 69ms
68ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEAGTX2ARSp9vrsdjlgWEXMPQO3Kc_D_y0Fhu5oLyAs6i1WXBaT1eqRjAGBt1dl_9MRgxtJzWsRsEsPgmcdHnh-_7R-1eWs5LZIp6EF3DtZSBqw1gNgDEPPvp1p-8YhgzABGkMn-8G0h2IJ4e7Y3zjBiCbujuspHKajhnn6s-ZAUn7FokVdxX_2kFuJ-Wwn4muYYXcWks2M1zmBgPbFsGyBy1D6sONNJS90gg3fltrUN4qKLx-4mMpoPGo5nZyV8l1ZnXWGc55hd06SkXFroM-0cM2FemIdeHNXSv9tfK7EBUWiQEdK3FLrlRZ2-jvORp6OX2x&sai=AMfl-YR_inH0zNkjU4I8teKqG2un6hUgl0gQGe5IbxsvQYt6odSMw6M_cihjKe-AE5UJGeF_UAIg8t483XIafPR63dBoeKvGTGhQbX9gC7gtm_4yGrY3FrI-YOZdvm-nCd0&sig=Cg0ArKJSzPPjhSvM15tUEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 02:25:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 12 Nov 2021 02:25:33 GMT

GET
H2 200 remoteMiddleware.bundle.1e10f4cbefbb089658bc.js Show response
cdn.segment.com/analytics-next/bundles/ 1 KB
1 KB 8ms
8ms Script
application/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/remoteMiddleware.bundle.1e10f4cbefbb089658bc.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cd37aa027c8539bd71677e5c17400c240e5563a65a114ecbbd561e72be28c15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 05:29:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 6468994
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 18:41:41 GMT
server: AmazonS3
etag: W/"e8b3ac0fc94f44f7e6c04ac17af0a812"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: Lk.0PLAxqyyWKrfD1EsDKwt9dFRCHqn7
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: pj_C1I51RZfkHysaZpcaRuHI8o4I_87Bc5UemlwCGLRXuuFKN2sZww==

GET
H2 200 appboy.min.js Show response
js.appboycdn.com/web-sdk/2.4/ 186 KB
48 KB 82ms
29ms Script
application/javascript 2606:4700:10::6816:94f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/2.4/appboy.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:94f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fd9f160495e13ca8b9261831a698e2195ee4dc67c92253b6353af84511431f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 11 Dec 2019 16:29:39 GMT
server: cloudflare
age: 336
etag: W/"dce4574b1646058ce5d0902f54d4b49d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 6acc4f75de75e907-MXP
x-amz-request-id: Z9PMH9D7AVQ7NWM4
x-amz-id-2: nYM7+hwiP2lO4T/419wSNKHJMLysZmtqp0Uy2Ga14Ya6N+5LAyweCN0Ja2tq1vgZY/S3ksAxOaw=

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 68ms
14ms Script
application/x-javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 02:25:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=71333
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 27ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:33 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000167-IAD, cache-hhn11550-HHN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: KBJLkjsvitAAt1XMaGM1jNCU3ZojQUhFqeKqsifW/bbvUcFh9Wnj1ouIAnm4q1poB7meU6sk2J7GrEXn3DacAA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 12 Nov 2021 02:25:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 46ms
23ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.dddbd6a06577f22e5c7f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

7f0690cc7aa3e0a4f7ad0894766c1db5c291fb1d4840bfe4ab91cb393b77a608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14377
x-xss-protection: 0
server: cafe
etag: 16570183496300854077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Nov 2021 02:25:33 GMT

GET
H2 200 analytics.js-middleware-braze-deduplicate.js.gz Show response
cdn.segment.com/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/ 2 KB
1 KB 9ms
9ms Script
application/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/middleware/analytics.js-middleware-braze-deduplicate/latest/analytics.js-middleware-braze-deduplicate.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66681843d2dddef898a0e614bc668cab30aceecd7a0d89965b7b0447bfcf14c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 03:43:56 GMT
content-encoding: gzip
age: 81698
x-cache: Hit from cloudfront
content-length: 778
access-control-allow-origin: *
last-modified: Wed, 10 Nov 2021 19:47:37 GMT
server: AmazonS3
etag: "3f0dbc48d4537cdf84414eec13b0164c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 82k_hxHQzmARrxrKmJo8wA3ymwEco5Oe
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: zfoC5dV8UYTrue5s4Yquhzr5m32SHpoQ1OlVKXFJNW9K1URQytQwZw==

GET
H2 200 /
d19d5sz0wkl0lu.cloudfront.net/dims4/default/4b1b7c4/2147483647/thumbnail/140x140%3E/quality/90/ 19 KB
19 KB 10ms
10ms Image
image/png 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/dims4/default/4b1b7c4/2147483647/thumbnail/140x140%3E/quality/90/?url=https%3A%2F%2Fatd-brightspot.s3.amazonaws.com%2Fc1%2F1f%2Fd0ba51364b0bb1817b8b82552e69%2Fcertificate-square-512x512.png
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 19156f4d87766f7222b1958a41aae4a3a148ea509bf5da7213651650d633b210

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 04:56:08 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Apache
age: 1546165
etag: afea17cbcfeefe8f6aabf01b732702ac
x-cache: Hit from cloudfront
content-type: image/png
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-robots-tag: nofollow
content-length: 19312
x-amz-cf-id: AlioFqcAHAoAMyTHapDaalRkJCtSMTyyqrITgd-O4me-LKyMeQDvmA==
expires: Tue, 25 Oct 2022 04:56:08 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
21 KB 10ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: Bxm5T0urvioNtGJIRVQWxai8/n4nX41eGM8NSevvp5TLVXnRkRcqjgs4EAr9VYhhVJttqAhLNaeX55dqzS+KSw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 12 Nov 2021 02:25:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 186855815417782 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 55ms
54ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/186855815417782?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42e6969db849f0abdf6106a23ca98c32f1bddb2608b03538ce2dc726c86d957a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: xNMa2/98SOhq+sRkyBTgUI1PSope64AzJ2WVMW8E6v3flGT1zlYDFFwCc67kkXiRywPVt18OwI2k2rKuu6tArw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 12 Nov 2021 02:25:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=15552&time=1636683933109&url=https%3A%2F%2Fwww.td.org%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D15552%26time%3D1636683933109%26url%3Dhttps%253A%252F%252Fwww.td.org%252F%26liSync...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=15552&time=1636683933109&url=https%3A%2F%2Fwww.td.org%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=15552&time=1636683933109&url=https%3A%2F%2Fwww.td.org%2F&liSync=true&e_ipv6=AQJmyKDJbbgfIAAAAX0R9ufPXiePMDnfXroMUf7qK_207xumhf4s2igy4v18V_Og1PQOk_Mv

0
155 B

527ms
108ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=15552&time=1636683933109&url=https%3A%2F%2Fwww.td.org%2F&liSync=true&e_ipv6=AQJmyKDJbbgfIAAAAX0R9ufPXiePMDnfXroMUf7qK_207xumhf4s2igy4v18V_Og1PQOk_Mv
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:34 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: gnlz2V2rthYAAAH4jysAAA==

Redirect headers

date: Fri, 12 Nov 2021 02:25:33 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=15552&time=1636683933109&url=https%3A%2F%2Fwww.td.org%2F&liSync=true&e_ipv6=AQJmyKDJbbgfIAAAAX0R9ufPXiePMDnfXroMUf7qK_207xumhf4s2igy4v18V_Og1PQOk_Mv
x-li-proto: http/2
x-li-pop: prod-lva1
content-length: 0
x-li-uuid: McfbuV2rthZwhMOfkisAAA==

OPTIONS
H2 200 /
sdk.iad-03.braze.com/api/v3/data/ Frame 0
0 397ms
364ms Preflight 151.101.65.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/data/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Origin: https://www.td.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Fri, 12 Nov 2021 02:25:33 GMT
via: 1.1 varnish
x-served-by: cache-hhn4034-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1636683933.195930,VS0,VE358
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 / Show response
sdk.iad-03.braze.com/api/v3/data/ 3 KB
1 KB 473ms
473ms XHR
application/json 151.101.65.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/data/

Requested by

Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/2.4/appboy.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c4f1509b81c2ab3166dcced2dc804fd62fd6339679715bb93788f2d2a4a34215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 5aa8cf36-8688-4b04-8385-ef090bfa2008
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json
Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
X-Requested-With: XMLHttpRequest

Response headers

date: Fri, 12 Nov 2021 02:25:34 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: cb5e06dd-04f9-46b7-907f-5532e39c4900
x-served-by: cache-hhn4034-HHN
x-runtime: 0.106815
server: nginx
x-timer: S1636683934.561002,VS0,VE466
etag: W/"c4f1509b81c2ab3166dcced2dc804fd6"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/975763705/ 2 KB
1 KB 32ms
16ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/975763705/?random=1636683933176&cv=9&fst=1636683933176&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.td.org%2F&tiba=ATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

05de8a83425a80584b4913271db2c62266572ff14914c439939aae2355e1ff12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 02:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1078
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975763705/ 3 KB
2 KB 47ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975763705/?random=1636683933182&cv=9&fst=1636683933182&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=path%3D%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association%3Burl%3Dhttps%3A%2F%2Fwww.td.org%2F%3Bname%3DHomepage&frm=0&url=https%3A%2F%2Fwww.td.org%2F&tiba=ATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84ca83097977463be96eb6ee5ee4fd8208864ef04abae57fe837c656154d2793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 02:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1079
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
apisegment.td.org/v1/ 21 B
241 B 887ms
825ms XHR
application/json 2606:4700:10::6816:4e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apisegment.td.org/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HhXyk4KyVPvMC91PoiL7lYfhT5W0lRwK/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.td.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Nov 2021 02:25:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.td.org
cf-ray: 6acc4f76df583755-MXP
content-length: 21

GET
H2 200 adsct
t.co/i/ 43 B
470 B 137ms
120ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nur6l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e91f49c2-71a8-4062-983d-c89d414e6658&tw_document_href=https%3A%2F%2Fwww.td.org%2F

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Fri, 12 Nov 2021 02:25:33 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3c46908984a35c31ff220fafd291ea813540c273bc5476bc334579e7c3e3c216
x-transaction: 64723f2a53240c5c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=186855815417782&ev=PageView&dl=https%3A%2F%2Fwww.td.org%2F&rl=&if=false&ts=1636683933200&sw=1600&sh=1200&v=2.9.48&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1636683933199.2140918362&it=1636683933082&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p0&rqm=GET

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 12 Nov 2021 02:25:33 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/975763705/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975763705/?random=1800079026&cv=9&fst=1636683933176&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=2...
https://www.google.com/pagead/1p-conversion/975763705/?random=1800079026&cv=9&fst=1636683933176&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_ja...
https://www.google.de/pagead/1p-conversion/975763705/?random=1800079026&cv=9&fst=1636683933176&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_jav...

42 B
108 B

22ms
22ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/975763705/?random=1800079026&cv=9&fst=1636683933176&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.td.org%2F&tiba=ATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ndCNYdbBDNjXgQfP8qqIBw&cid=CAQSKQCNIrLMtPBml9_HFGmIhWeslgOKVj54vDL0Jm2pJlF-IZrCCsNcgxwl&random=24161062&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 02:25:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 02:25:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/975763705/?random=1800079026&cv=9&fst=1636683933176&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.td.org%2F&tiba=ATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ndCNYdbBDNjXgQfP8qqIBw&cid=CAQSKQCNIrLMtPBml9_HFGmIhWeslgOKVj54vDL0Jm2pJlF-IZrCCsNcgxwl&random=24161062&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975763705/ 42 B
154 B 22ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975763705/?random=1636683933182&cv=9&fst=1636682400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=path%3D%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association%3Burl%3Dhttps%3A%2F%2Fwww.td.org%2F%3Bname%3DHomepage&frm=0&url=https%3A%2F%2Fwww.td.org%2F&tiba=ATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association&async=1&fmt=3&is_vtc=1&random=3645109395&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 02:25:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/975763705/ 42 B
154 B 22ms
21ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/975763705/?random=1636683933182&cv=9&fst=1636682400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=path%3D%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association%3Burl%3Dhttps%3A%2F%2Fwww.td.org%2F%3Bname%3DHomepage&frm=0&url=https%3A%2F%2Fwww.td.org%2F&tiba=ATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association&async=1&fmt=3&is_vtc=1&random=3645109395&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 02:25:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame EED9 0
81 B 7ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.td.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.td.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Fri, 12 Nov 2021 02:25:33 GMT

OPTIONS
H2 204 /
atd-api.td.org/ Frame 0
0 4491ms
4408ms Preflight 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://atd-api.td.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Netlify /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.td.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-origin: https://www.td.org
cache-control: no-cache
server: Netlify
x-nf-request-id: 01FM8ZDTFYEX4S3X9WF18QNY54
age: 3
date: Fri, 12 Nov 2021 02:25:37 GMT
content-length: 0

OPTIONS
H2 204 /
atd-api.td.org/ Frame 0
0 727ms
645ms Preflight 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://atd-api.td.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Netlify /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.td.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-origin: https://www.td.org
cache-control: no-cache
server: Netlify
x-nf-request-id: 01FM8ZDTFYNKWZWZ6ZWQSFHY77
age: 0
date: Fri, 12 Nov 2021 02:25:34 GMT
content-length: 0

OPTIONS
H2 204 /
atd-api.td.org/ Frame 0
0 793ms
712ms Preflight 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://atd-api.td.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Netlify /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.td.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-origin: https://www.td.org
cache-control: no-cache
server: Netlify
x-nf-request-id: 01FM8ZDTFY2SA93Q0BJTNDJKFF
age: 0
date: Fri, 12 Nov 2021 02:25:34 GMT
content-length: 0

GET
H/1.1 200
OK atd-logo-small.a3f91e1a.svg
s3.amazonaws.com/files.astd.org/public/static/media/ 3 KB
3 KB 117ms
117ms Image
image/svg+xml 52.216.138.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/files.astd.org/public/static/media/atd-logo-small.a3f91e1a.svg
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e9b03aa892e17dfd9c64bd6c8cff4bda900a8e041764e25e7c23121e3bfc9ad4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 02:25:35 GMT
Last-Modified: Thu, 11 Mar 2021 21:47:43 GMT
Server: AmazonS3
x-amz-request-id: C7MJXTBH7G0XERNC
ETag: "b13371cc6d4f5cc12a7e0d873f6cf9ee"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2564
x-amz-id-2: 3JE8j7+8fNS2mxaccf5H3JlLtJMx0lpifgMbNUEzE8bh7o9j2gTWa4H2TrucoB2kEJphl46XXQA=

GET
H/1.1 200
OK atd-logo.a087cc93.svg
s3.amazonaws.com/files.astd.org/public/static/media/ 10 KB
10 KB 117ms
117ms Image
image/svg+xml 52.216.138.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/files.astd.org/public/static/media/atd-logo.a087cc93.svg
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 24dcc4d51a509e8e7ab69e6e0dcbcf2134123c135badaa5fa6ddc2c2287f9b80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 02:25:35 GMT
Last-Modified: Thu, 11 Mar 2021 21:47:44 GMT
Server: AmazonS3
x-amz-request-id: C7MZNXYC338B2D37
ETag: "746c2f9aa696c07559de47ff2983a101"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 9806
x-amz-id-2: w4VZQsho179a8k8YOBipeRirQb+WJ6HaW8BD27U2f9ETrKl/8NMK2HRN4hq36MbhxrJysFJrfTM=

POST
H2 200 / Show response
atd-api.td.org/ 1 KB
1 KB 430ms
429ms Fetch
application/json 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://atd-api.td.org/
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/files.astd.org/public/static/js/2.336f8669.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Netlify /
Resource Hash: e4702fbb2e7f984de5f3668eb9bdcb08b2031694022045034084ea552b7950ee

Request headers

accept: */*
Referer: https://www.td.org/
authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

x-nf-request-id: 01FM8ZDYSS4HJJ460ABXWESMB4
date: Fri, 12 Nov 2021 02:25:39 GMT
server: Netlify
age: 1
content-type: application/json
access-control-allow-origin: https://www.td.org
cache-control: no-cache
access-control-allow-credentials: true
content-length: 1128

POST
H2 200 / Show response
atd-api.td.org/ 34 KB
35 KB 598ms
539ms Fetch
application/json 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://atd-api.td.org/
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/files.astd.org/public/static/js/2.336f8669.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Netlify /
Resource Hash: 92c863d2d2c6231dd341c4ad2977cb86fce24a8c5e460009f35488c8b7a92ea1

Request headers

accept: */*
Referer: https://www.td.org/
authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

x-nf-request-id: 01FM8ZDV5YVXS859M7VMWQVFQG
date: Fri, 12 Nov 2021 02:25:35 GMT
server: Netlify
age: 1
content-type: application/json
access-control-allow-origin: https://www.td.org
cache-control: no-cache
access-control-allow-credentials: true
content-length: 35273

POST
H2 200 / Show response
atd-api.td.org/ 22 KB
23 KB 430ms
430ms Fetch
application/json 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://atd-api.td.org/
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/files.astd.org/public/static/js/2.336f8669.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Netlify /
Resource Hash: 3feda6c090f3b4e272c47e180e5b69a02e5913bc56b2b06f6060c9df2bf8fb07

Request headers

accept: */*
Referer: https://www.td.org/
authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

x-nf-request-id: 01FM8ZDV67S51HMYVGSFS9VQP3
date: Fri, 12 Nov 2021 02:25:35 GMT
server: Netlify
age: 1
content-type: application/json
access-control-allow-origin: https://www.td.org
cache-control: no-cache
access-control-allow-credentials: true
content-length: 22948

GET
H/1.1 200
OK optanon.css
optanon.blob.core.windows.net/skins/5.2.0/default_flat_bottom_two_button_black/v2/css/ 23 KB
6 KB 31ms
31ms Stylesheet
text/css 52.239.137.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://optanon.blob.core.windows.net/skins/5.2.0/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by: Host: optanon.blob.core.windows.net
URL: https://optanon.blob.core.windows.net/consent/28b2b89e-035b-4e87-b252-b4a0507f42e0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0bd0bc4edd5e4b256b9c40ce082680ad16a78ac5faf4d3337d39cf9605518bfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 12 Nov 2021 02:25:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 20:24:48 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: jzLE25vmrDR3ZmMxTSa8+w==
ETag: 0x8D73D3F6B302F72
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 0aef9704-501e-010e-0c6c-d772b8000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 5556

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
256 B 41ms
20ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery331008542254336719046_1636683932644&_=1636683932645

Requested by

Host: d19d5sz0wkl0lu.cloudfront.net
URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/All.min.dac687947a9f84295bac32653b813337.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6acc4f7c7fa20ea7-FRA
content-length: 32

POST
H2 200 _track Show response
www.td.org/ 0
142 B 429ms
428ms XHR
text/plain 2606:4700:10::6816:4f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.td.org/_track
Requested by: Host: d19d5sz0wkl0lu.cloudfront.net
URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/All.min.dac687947a9f84295bac32653b813337.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.td.org/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 12 Nov 2021 02:25:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6acc4f7c6a5b374e-MXP
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 155 KB
56 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGTDK2H

Requested by

Host: www.td.org
URL: https://www.td.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

322bd1dee56f5d22b27f5567d1d2ee25bb6c1a29b2f597e3648363c6e44e131b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56846
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 01:01:23 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Nov 2021 02:25:34 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
675 B 133ms
116ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nur6l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e91f49c2-71a8-4062-983d-c89d414e6658&tw_document_href=https%3A%2F%2Fwww.td.org%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Fri, 12 Nov 2021 02:25:34 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e711e8e3e1602e00231270db7f81476efe62e7faea5fbcbe9804c6b70067e84b
x-transaction: f9e4c19fb9e0e6c5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK whitneyhtf-book-webfont.a7215fa9.woff2
s3.amazonaws.com/files.astd.org/public/static/media/ 18 KB
19 KB 446ms
139ms Font
binary/octet-stream 52.216.138.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/files.astd.org/public/static/media/whitneyhtf-book-webfont.a7215fa9.woff2
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5c156222ef3eb1228001f6746c78136377d6f4f5387af85ee1ddf147d7e4263b

Request headers

Referer: https://www.td.org/
Origin: https://www.td.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 02:25:35 GMT
Last-Modified: Thu, 11 Mar 2021 21:47:45 GMT
Server: AmazonS3
x-amz-request-id: C7MK6SA55XPXTYMG
ETag: "92278e555b2d35d68509dd9c284f0304"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 18600
x-amz-id-2: 3ohMSZIt5Jt/vCyRJAWaf1u65Rh8EWYkGjAiOPIlmZA8WE8Su5EeHKals5CvOk1rhOjrI+sYQj8=

GET
H/1.1 200
OK whitneyhtf-semibold-webfont.7e8d4282.woff2
s3.amazonaws.com/files.astd.org/public/static/media/ 19 KB
19 KB 721ms
414ms Font
binary/octet-stream 52.216.138.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/files.astd.org/public/static/media/whitneyhtf-semibold-webfont.7e8d4282.woff2
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 29b0455cafe4c2011761c4b873006f612b67a74a536cb0fce0dc7c8c9734b7ef

Request headers

Referer: https://www.td.org/
Origin: https://www.td.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 02:25:35 GMT
Last-Modified: Thu, 11 Mar 2021 21:47:46 GMT
Server: AmazonS3
x-amz-request-id: C7MZFZCKXGB6XCV3
ETag: "bc3104f54b1934df7ef78790711276d0"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 19072
x-amz-id-2: cO6sadwa6uZasRvGek8itA/mk1zakGbCcAKIB5RNTC5gcdcvo/Zvjv8oo6v+hh9d40sksqlhfVs=

GET
H/1.1 200
OK whitneyhtf-medium-webfont.fae58b81.woff2
s3.amazonaws.com/files.astd.org/public/static/media/ 18 KB
19 KB 438ms
131ms Font
binary/octet-stream 52.216.138.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/files.astd.org/public/static/media/whitneyhtf-medium-webfont.fae58b81.woff2
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 601837441752c96e0ce16346aa1dd61f984c6854cfafc2928355f8bb8c35c31c

Request headers

Referer: https://www.td.org/
Origin: https://www.td.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 02:25:35 GMT
Last-Modified: Thu, 11 Mar 2021 21:47:46 GMT
Server: AmazonS3
x-amz-request-id: C7MPJGD4STA5MGHW
ETag: "9a78dc140569eb84124c710c7b9bda7c"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 18760
x-amz-id-2: 0LXA1rsbt6Gj3W6ZCOBwxp7YEt7xx2cUgndSnUQ0A8aCRN9Szf8xsEG2yRV7bks/DxRKcuFvNuU=

OPTIONS
H2 200 sync
sdk.iad-03.braze.com/api/v3/content_cards/ Frame 0
0 100ms
100ms Preflight 151.101.65.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/content_cards/sync

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Origin: https://www.td.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Fri, 12 Nov 2021 02:25:34 GMT
via: 1.1 varnish
x-served-by: cache-hhn4034-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1636683934.201718,VS0,VE93
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 sync Show response
sdk.iad-03.braze.com/api/v3/content_cards/ 59 B
214 B 113ms
113ms XHR
application/json 151.101.65.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/content_cards/sync

Requested by

Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/2.4/appboy.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

56ed64ba1a0f1af7b481c5ae8ea4124175048757a70b7e2defa1038edf0c8cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 5aa8cf36-8688-4b04-8385-ef090bfa2008
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json
Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
X-Requested-With: XMLHttpRequest
X-Braze-ContentCardsRequest: true

Response headers

date: Fri, 12 Nov 2021 02:25:34 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 891dfb47-ded1-4a0c-84f0-ec88d047b95c
x-served-by: cache-hhn4034-HHN
x-runtime: 0.012237
server: nginx
x-timer: S1636683934.302083,VS0,VE106
etag: W/"56ed64ba1a0f1af7b481c5ae8ea41241"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 817B 42 B
497 B 81ms
43ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFj-kew9JMuqsCZMnQ9pO1rAF0p-hW79agcveJE_9PQuWyNSJM9VUbk0J6kRTTFxsRyulHSuoXSTRR_YkA6Z71hwC9W08I1SVPo1124RkrL9NwJq2P&sig=Cg0ArKJSzDbMCIO7ZmMvEAE&id=lidar2&mcvt=1207&p=620,315,711,1285&mtos=1207,1207,1207,1207,1207&tos=1207,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4115206101&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636683932881&rpt=112&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 02:25:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 list-cart Show response
www.td.org/ajax/ 162 B
261 B 576ms
576ms XHR
application/json 2606:4700:10::6816:4f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.td.org/ajax/list-cart?customerNumber=712d01d1-3bb9-4aea-ac1f-a3f10826f178
Requested by: Host: d19d5sz0wkl0lu.cloudfront.net
URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/All.min.dac687947a9f84295bac32653b813337.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Brightspot
Resource Hash: ee9b8e4e2413a5b123288999d4a6d302afe31e08df6015b5a8efb4b127b23d4a

Request headers

Accept: */*
Referer: https://www.td.org/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:34 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 12 Nov 2021 02:25:34 GMT
server: cloudflare
x-powered-by: Brightspot
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
cache-control: max-age=14400
cf-ray: 6acc4f7d0ad2374e-MXP
x-robots-tag: nofollow

GET
H2 200 box-028f986f575e1b13474634857daa6bfc.html Show response
vars.hotjar.com/ Frame E406 2 KB
1 KB 36ms
7ms Document
text/html 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-028f986f575e1b13474634857daa6bfc.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-338957.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: /
Resource Hash: 8b975e3e6910f571ee21a21922394a133e7cfd1ae1207bab6d5a629c142321aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/

Response headers

content-type: text/html
content-length: 1044
date: Mon, 08 Nov 2021 14:05:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "1502011b9c345a816e17e09cda9762e1"
last-modified: Wed, 20 Oct 2021 10:53:36 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: H2gjdN4yzs5gHYQiyQuaoe-6_cjK4Xlcuk8jTEeWOvaaBSwMt7TwYg==
age: 303620

GET
H2 200 /
d19d5sz0wkl0lu.cloudfront.net/dims4/default/070f368/2147483647/thumbnail/720x250%3E/quality/90/ 67 KB
67 KB 12ms
11ms Image
image/png 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/dims4/default/070f368/2147483647/thumbnail/720x250%3E/quality/90/?url=https%3A%2F%2Fatd-brightspot.s3.amazonaws.com%2Fd3%2F3d%2Fb402b4e74492901c6d2ba278c5fb%2Fpromo-card-background-green-1.png
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: b1d2559162fd73cd23bc46ba1447216b6de912a5663f67eb379117e72d42fd22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 12:21:00 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Apache
age: 13269873
etag: a1a987f5e85ff3048c1cf6cd0764157e
x-cache: Hit from cloudfront
content-type: image/png
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-robots-tag: nofollow
content-length: 68190
x-amz-cf-id: q83DJ4XRT_EKnhdXfVnz5XcaB-mDSNuVkQ_SeM-zni7WLFbH64r1jQ==
expires: Sat, 11 Jun 2022 12:21:01 GMT

GET
H2 200 bullet-arrow.85b3979270c1de4e0db2ca1ba778d72c.png
d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/images/ 181 B
537 B 10ms
10ms Image
image/png 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/styleguide/images/bullet-arrow.85b3979270c1de4e0db2ca1ba778d72c.png
Requested by: Host: d19d5sz0wkl0lu.cloudfront.net
URL: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4cd72a2bc2315d2eb1236c9357592514a63cc29b355dea5ccfdea477de6c8f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d19d5sz0wkl0lu.cloudfront.net/resource/All.min.69291f2dd274c487402551172ea31741.gz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 15:51:01 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jun 2019 14:10:33 GMT
server: AmazonS3
age: 13257273
etag: "53f3de887e1d0e9a1e024083a2ac080f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 181
x-amz-cf-id: 7Wl5DzuAGiM71O144umU-R9LqjjIDurX6d0HDUUdokQgFlYjeA0rDw==

GET
H2 200 bat.js Show response
bat.bing.com/ 35 KB
10 KB 53ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGTDK2H
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:34 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:40:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 95D917628A974586BABEF294DB1EA24F Ref B: FRAEDGE1409 Ref C: 2021-11-12T02:25:34Z
etag: "08933ecd9d0d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10202

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/338957/ 146 B
323 B 107ms
33ms XHR
application/json 52.210.84.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/338957/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.dad547d55d09325865c9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.84.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-84-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243

Request headers

Referer: https://www.td.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 12 Nov 2021 02:25:34 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 338957 Show response
vc.hotjar.io/sessions/ 0
258 B 76ms
36ms XHR
text/plain 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/338957?s=0.25&r=0.1920077293609037
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.dad547d55d09325865c9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:34 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 7EKp6srmpQPV8rjaF_Yi8HMWrCxE_ZO9h5RHvmjGTOlfUFjuN94ThA==

GET
H2 204 15093466.js Show response
bat.bing.com/p/action/ 0
93 B 189ms
189ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/15093466.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Nov 2021 02:25:34 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE9E6706EC8D489A8932D32822199B5A Ref B: FRAEDGE1409 Ref C: 2021-11-12T02:25:34Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=15093466&tm=gtm002&Ver=2&mid=d71b8d47-97a9-4aa4-b439-5111781d737c&sid=d0af4a50435f11ec996b15bd84e2f090&vid=d0af6440435f11ec8f609b3781aeb042&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=ATD%20%7C%20The%20World%27s%20Largest%20Talent%20Development%20Association&p=https%3A%2F%2Fwww.td.org%2F&r=&lt=1979&evt=pageLoad&msclkid=N&sv=1&rn=97178
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 02:25:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D3CE0F997C2F424EA1EC253031DBB68E Ref B: FRAEDGE1409 Ref C: 2021-11-12T02:25:34Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pixel
emailprofile.td.org/Tracking/ 95 B
367 B 451ms
422ms Image
image/png 2606:4700:10::6816:4f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emailprofile.td.org/Tracking/Pixel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4f93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.td.org
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:35 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 95
x-xss-protection: 1; mode=block
x-aspnetmvc-version: 5.0
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private
content-security-policy: frame-ancestors https://*.td.org
cf-ray: 6acc4f81bdb6374e-MXP

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 321ms
19ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c69543e28c40655b92c15bbb299fb01df84baa23ab3f42bff34e1280aeced76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 02:25:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9274
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
d19d5sz0wkl0lu.cloudfront.net/dims4/default/4b1b7c4/2147483647/thumbnail/140x140%3E/quality/90/ 19 KB
19 KB 16ms
16ms Image
image/png 2600:9000:2156:5e00:1c:69b2:9480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d19d5sz0wkl0lu.cloudfront.net/dims4/default/4b1b7c4/2147483647/thumbnail/140x140%3E/quality/90/?url=https%3A%2F%2Fatd-brightspot.s3.amazonaws.com%2Fc1%2F1f%2Fd0ba51364b0bb1817b8b82552e69%2Fcertificate-square-512x512.png
Requested by: Host: www.td.org
URL: https://www.td.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1c:69b2:9480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 19156f4d87766f7222b1958a41aae4a3a148ea509bf5da7213651650d633b210

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 04:56:08 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: Apache
age: 1546167
etag: afea17cbcfeefe8f6aabf01b732702ac
x-cache: Hit from cloudfront
content-type: image/png
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-robots-tag: nofollow
content-length: 19312
x-amz-cf-id: ei_4AT3_m6pA9HM_z1uWIg0GJmG8OS6GkaWnXn5AglzdXX74WFYqgA==
expires: Tue, 25 Oct 2022 04:56:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 323ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 12 Nov 2021 02:25:35 GMT

GET
H2 200 Referrer Show response
emailprofile.td.org/Tracking/ 4 B
236 B 421ms
420ms XHR
application/javascript 2606:4700:10::6816:4f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emailprofile.td.org/Tracking/Referrer?host=https%3A%2F%2Fwww.td.org&referrer=

Requested by

Host: d2suo6y6ick5ug.cloudfront.net
URL: https://d2suo6y6ick5ug.cloudfront.net/tdx/tdx.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4f93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.td.org
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:25:35 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 4
x-xss-protection: 1; mode=block
x-aspnetmvc-version: 5.0
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.td.org
cache-control: private
access-control-allow-credentials: true
content-security-policy: frame-ancestors https://*.td.org
cf-ray: 6acc4f846f15374e-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK 690578194-membership-retentiondigitalads.jpg
d22bbllmj4tvv8.cloudfront.net/e5/2d/874f087e4a9ba5ba580799f6ce18/ 49 KB
49 KB 58ms
10ms Image
image/jpeg 143.204.98.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d22bbllmj4tvv8.cloudfront.net/e5/2d/874f087e4a9ba5ba580799f6ce18/690578194-membership-retentiondigitalads.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-96.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0302bd2949754f823cbd89f3108b14fdfd0f053c02e7af6b6fe35258bbf0b261

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 14:30:38 GMT
Via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 08 Nov 2021 13:17:48 GMT
Server: AmazonS3
Age: 302098
ETag: "6c5533a6dbf567f2355ec01e06e0040c"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 49826
X-Amz-Cf-Id: YL4flDs0sa1U8FbCZBot9DSLql4GZZhBHPhSZKyJuUt7trOwp2EV8g==

GET
H/1.1 200
OK 630945215-edu-2021-catalog-banners-meganav-r1.jpg
d22bbllmj4tvv8.cloudfront.net/09/ec/fdd4a3b04ad5b86c2f97eaca4bd8/ 17 KB
18 KB 60ms
12ms Image
image/jpeg 143.204.98.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d22bbllmj4tvv8.cloudfront.net/09/ec/fdd4a3b04ad5b86c2f97eaca4bd8/630945215-edu-2021-catalog-banners-meganav-r1.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-96.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e37896d7e638b343bee86fc2e3cf3b746d884b6e02cda06ad4ff115b103b0f9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 15:57:58 GMT
Via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 15 Mar 2021 16:34:21 GMT
Server: AmazonS3
Age: 2024857
ETag: "22c045ff1e81e12736180aaf8d5582af"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 17852
X-Amz-Cf-Id: I9Sw0_P76CDmBSK6Fzp7ZizuvSblfdO_1swuJkJi8NHvaIGvyaptQg==

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 582E 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 11 Nov 2021 22:09:37 GMT
expires: Fri, 11 Nov 2022 22:09:37 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 21E8 783 B
951 B 17ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dfcafe8127682bc5180f7d62f7bc3cb4195474302106bd7b29fb9751db44b0de

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k4cnLxFILw/artScY/DejQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 12 Nov 2021 02:25:35 GMT
date: Fri, 12 Nov 2021 02:25:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-k4cnLxFILw/artScY/DejQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 582E 35 KB
14 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:21:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:21:05 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 21E8 0
0 42ms
28ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110901&jk=1076673873431236&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 44ms
44ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110901&jk=1076673873431236&bg=!oaKloubNAAZQLpa_UC47ACkAdvg8Wi0RmndOQ-dq0k3389EYN-YiCnYQwIs7O4oQw7dr9_tSKMTpXAIAAACMUgAAAA1oAQcKAFSx3olt10QWA_vblOp2CSgZyNi6Ms2EGMqZ_JqdGwwvPkAFWa0vFRSCpdVyOlhzN-pYAl0eFjgnDoQzZjeiYLyb5-GAiuSD67nqEljkE6BAUPOar1eZAsjHMHGFcBs1BHDNPKAL20oNvhejCS9lBTYCOeEDYLsjGO3r3Ky7sMoYLaGF_EuyY9dbZP5hxMNNgWCBdF-9azRoi2JwTGsWZQDyA2XhQhZPB5yp10_t20lGcSAmXThLK5Nr_H_nBi5aPeBKUqzwb2SYoClmRhYRJLSMGJxgO3k1hzpB66obqucD9UgkIrCQLortfQxwgoCsHpy9KmHW9qM5ptk4upoofD7WJCy3i5bN7QJsVxdET9Px-gfGzoF3uYfQtiVYDgTOJeqthLLFiZKZO8nI33Hdc178vN_HNHNE69t_5xP14X_gBKlI3yVqCe_OeoWAfEI_z5LIgWnVaXcBIZ-TlByxhaNxQquL6bPbRdV8N04tX6Q15ijNAny62nv-2kS-Dc-kcu-mGfS9Cx6w0-SmYNicWQ4-ehk1sfwdyzAAqsFdhqmqegb3LecElmGDc-hKJ605bKmSeJq4QQRepuHAce_CWRDfw7hgLhaGVy1WCyA3Gr53Sdf2TG346hBAuglNBJsw9Pq7KV8mD8N7zYFsJ8jXYEKxIZSdIhF6uGOwezy4CAdT2ScIJM5JoBUs6_iw1zZ3_o0Q9EJ3w00t08w-Vz7hsItJNM00DXg0TPE-yB0Y6yMDD7_xKiNt68HNcnQ2y-urfHJYcoUN2-OnrkrFYi11MnC3039ccj_FAn6hKlzCcAHMWZwNKYaqM4dlbwKHMsmQ5UD0ElJ1EL31A98L_72M2d5iCyWWkQFWI4_eNk3JBa8-r2FSvS5qQL9QIvtvDoAh9VmrrLkzkfOorbcseQS2o2FCXsaO0u4EUtY-7dihZz0FJlltiygbYXiPxjAj6vdKjcocSuJIFtx8CtIahO9pXYQR2F7ndieb8T1DLFTIYKa-tQc27T5qB5lOQZ1p3KBiDLbO62PrODOrl21CouUROR8mZD2Zv54sEX65FzrRI0Uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.td.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 02:25:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.td.org/	1970-01-20 16:09:15	Name: _ga Value: GA1.2.491276104.1636683933
.td.org/	1970-01-19 22:39:30	Name: _gid Value: GA1.2.1601211623.1636683933
.td.org/	1970-01-20 16:09:15	Name: FSAV Value: 95594032.934912347.1636683933.1636683933.1636683933.1.
.td.org/	1970-01-20 03:00:51	Name: FSAC Value: 95594032.1636683933.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)
.td.org/	1970-01-19 22:38:03	Name: _gat Value: 1
.td.org/	1970-01-20 07:23:39	Name: _hjid Value: 1d76a724-2ce6-421a-84b0-2d1bb2fcb406
.td.org/	1970-01-19 22:38:05	Name: _hjFirstSeen Value: 1
.td.org/	1970-01-20 07:59:39	Name: __gads Value: ID=0e842b3d6c68f40a-224e974d55cb0041:T=1636683932:S=ALNI_MYchL3WPiKex2_8bd4v897dyaM6MA
.doubleclick.net/	1970-01-20 07:59:39	Name: IDE Value: AHWqTUn-SQQr-toOC-7-vEWr_8VP8RdZyDwP0zAvgDlJd2DUPRQmr2lkkLPtVBseV-Q
.td.org/	1970-01-20 07:24:00	Name: ab.storage.deviceId.5aa8cf36-8688-4b04-8385-ef090bfa2008 Value: %7B%22g%22%3A%22c1175608-de12-63aa-f92d-a9cc7adb44bb%22%2C%22c%22%3A1636683933148%2C%22l%22%3A1636683933148%7D
.td.org/	1970-01-20 07:23:39	Name: ajs_anonymous_id Value: 712d01d1-3bb9-4aea-ac1f-a3f10826f178
.td.org/	1970-01-20 07:23:39	Name: .StoreAnonymousUser Value: 712d01d1-3bb9-4aea-ac1f-a3f10826f178
.td.org/	1970-01-20 07:24:00	Name: ab.storage.sessionId.5aa8cf36-8688-4b04-8385-ef090bfa2008 Value: %7B%22g%22%3A%2297791740-f95a-d856-0f4e-dec2ca2dfa78%22%2C%22e%22%3A1636683963174%2C%22c%22%3A1636683933146%2C%22l%22%3A1636683933174%7D
.td.org/	1970-01-20 00:47:39	Name: _fbp Value: fb.1.1636683933199.2140918362
.linkedin.com/	1970-01-19 23:21:15	Name: UserMatchHistory Value: AQKN-OrOKmzI1wAAAX0R9ubBakqgsEKieYWEy6NQvTL0jPWla45GN5qZdFHimjSm9ZhIUgFxUpv2Gg
.linkedin.com/	1970-01-19 23:21:15	Name: AnalyticsSyncHistory Value: AQIFO3F4Watj4gAAAX0R9ubBX-UDhtxT-9zRPR3GinVPmx2iVI-CjkO4fRtM-r09dIGgrPsgcyMUQhS0TpSgiw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:09:57	Name: bcookie Value: "v=2&ab8d668a-72e9-403a-8770-0d853f335ba5"
.linkedin.com/	1970-01-19 22:39:30	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2153:u=1:x=1:i=1636683933:t=1636770333:v=2:sig=AQFqgfZx-wlgRqyyOrl9auP_Wolf0R7L"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:09:57	Name: bscookie Value: "v=1&202111120225334a16e00e-6374-45ee-85ed-986d6320029fAQETqzKPjF9L8HfKqC0iHjgb6H0LlmYT"
.linkedin.com/	1970-01-20 16:00:09	Name: li_gc Value: MTswOzE2MzY2ODM5MzM7MjswMjGOSbAV4jt35NYYFBzi7o3RLDcfIy5ItFh7HgrU78UcWg==
.twitter.com/	1970-01-20 16:09:15	Name: personalization_id Value: "v1_MDdZionTFB+AJJhyV5WnQw=="
www.td.org/	1970-01-19 22:38:04	Name: _hjIncludedInPageviewSample Value: 1
.td.org/	1970-01-19 22:38:05	Name: _hjAbsoluteSessionInProgress Value: 1
www.td.org/	1970-01-19 22:38:04	Name: _hjIncludedInSessionSample Value: 0
.bing.com/	1970-01-20 07:59:39	Name: MUID Value: 1A184467020169A916A9548A036A68B0
.td.org/	1970-01-19 22:39:30	Name: _uetsid Value: d0af4a50435f11ec996b15bd84e2f090
.td.org/	1970-01-20 07:59:39	Name: _uetvid Value: d0af6440435f11ec8f609b3781aeb042
.td.org/	1970-01-19 22:39:30	Name: bsp.country Value: GB
.td.org/	1970-01-20 07:23:39	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Nov+12+2021+02%3A25%3A34+GMT%2B0000+(GMT)&version=5.2.0&landingPath=https%3A%2F%2Fwww.td.org%2F&EU=true&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1%2C101%3A1%2C102%3A1%2C103%3A1%2C104%3A1%2C105%3A1%2C106%3A1%2C107%3A1%2C108%3A1%2C109%3A1%2C110%3A1%2C111%3A1%2C112%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C116%3A1%2C117%3A1%2C118%3A1%2C119%3A1%2C120%3A1%2C121%3A1%2C122%3A1%2C123%3A1%2C124%3A1%2C125%3A1%2C126%3A1%2C127%3A1%2C128%3A1%2C129%3A1%2C130%3A1%2C131%3A1%2C132%3A1%2C133%3A1%2C134%3A1%2C135%3A1%2C136%3A1%2C137%3A1%2C138%3A1%2C139%3A1%2C140%3A1%2C141%3A1%2C142%3A1%2C143%3A1%2C144%3A1%2C145%3A1%2C146%3A1%2C147%3A1%2C148%3A1%2C149%3A1%2C150%3A1%2C151%3A1%2C152%3A1%2C153%3A1%2C154%3A1%2C155%3A1%2C156%3A1%2C157%3A1%2C158%3A1%2C159%3A1%2C160%3A1%2C161%3A1%2C162%3A1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtm.js?id=%REACT_GTM_ID% Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

31791c57abdf2cfd3457cbea44eea327.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
analytics.formstack.com
analytics.twitter.com
apisegment.td.org
astd.org
atd-api.td.org
bat.bing.com
cdn.segment.com
connect.facebook.net
d19d5sz0wkl0lu.cloudfront.net
d22bbllmj4tvv8.cloudfront.net
d2suo6y6ick5ug.cloudfront.net
emailprofile.td.org
geolocation.onetrust.com
googleads.g.doubleclick.net
in.hotjar.com
js.appboycdn.com
optanon.blob.core.windows.net
pagead2.googlesyndication.com
polyfill.io
px.ads.linkedin.com
px4.ads.linkedin.com
s3.amazonaws.com
script.hotjar.com
sdk.iad-03.braze.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
unpkg.com
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.td.org
104.244.42.131
104.244.42.133
108.174.10.14
142.250.185.194
142.250.186.66
143.204.101.35
143.204.98.123
143.204.98.33
143.204.98.62
143.204.98.93
143.204.98.96
143.204.99.83
151.101.65.208
199.232.136.157
2600:9000:2156:5e00:1c:69b2:9480:21
2600:9000:2156:6600:6:4f98:bc40:93a1
2606:4700:10::6814:b944
2606:4700:10::6816:4e93
2606:4700:10::6816:4f93
2606:4700:10::6816:94f
2606:4700::6810:7aaf
2620:119:50e5:101::9002:c05
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c03::9a
2a02:26f0:6c00::210:ba11
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:b0c0:3:d0::d23:4001
2a04:4e42:600::282
52.210.84.221
52.216.138.149
52.239.137.4
66.227.71.166
0302bd2949754f823cbd89f3108b14fdfd0f053c02e7af6b6fe35258bbf0b261
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05de8a83425a80584b4913271db2c62266572ff14914c439939aae2355e1ff12
06f66f419a7bd47d642fe40cee02fea6e5d10023f2b7ba696e4695888c5190b4
0915fb8fdb9fdb4aba717bb0112ddd88196770320825c5c05e115e99ad4ff29b
09d71848005e2a44102e11442fccc6b1429039cbd02c66cce4d96db18132d68f
0bd0bc4edd5e4b256b9c40ce082680ad16a78ac5faf4d3337d39cf9605518bfe
100ee80fed6ae64ba04a7067d73e92b4d9988d07f25dc311220572ddb26a4a2a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1564be87420b33b11c47cf2b30d816bfc5735397b5f82a3d0916b05ea17a6e1c
19156f4d87766f7222b1958a41aae4a3a148ea509bf5da7213651650d633b210
1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243
24dcc4d51a509e8e7ab69e6e0dcbcf2134123c135badaa5fa6ddc2c2287f9b80
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
29b0455cafe4c2011761c4b873006f612b67a74a536cb0fce0dc7c8c9734b7ef
2bd6628e4b4023608f91392be7d69fbe287d178db35745fe031adedf8d85f877
2c69543e28c40655b92c15bbb299fb01df84baa23ab3f42bff34e1280aeced76
31d82c559174131618f95648c26d1b5e6095ae5fa5f6b984eba8cd76fe765259
322bd1dee56f5d22b27f5567d1d2ee25bb6c1a29b2f597e3648363c6e44e131b
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de
3fd9f160495e13ca8b9261831a698e2195ee4dc67c92253b6353af84511431f4
3feda6c090f3b4e272c47e180e5b69a02e5913bc56b2b06f6060c9df2bf8fb07
42e6969db849f0abdf6106a23ca98c32f1bddb2608b03538ce2dc726c86d957a
4397a57f8357b3b0371c6df32a62b87eaa43218c42fa538fb34980bfb0b20a78
453ceca4cb76352b2bb70f1fe11d9d56e2c0ffd75e10b350f8c59d7955ba3e16
4736a9f0dc07755d17719c58453b8d01c6dd4fa1efaf6e718fe15135cfe8794c
4cb2c4a73e816ed4cc66bd87a862b7240c5dc6f790039d31a1129dd9144a5c8c
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51f0fcf2f2562dc8ab3e58a0ca388bc4b033adc36f2a7efcb51f0b25e5ba5b6c
528d1ff7a7d47780f4bf0ab28b55aa1f0dca82343a2b45fe4aead20af63f7499
53682d5e13eeda49ac7d909151825a7ace02687f08e670d8d92e4b24f338f74f
56ed64ba1a0f1af7b481c5ae8ea4124175048757a70b7e2defa1038edf0c8cf1
5ad7b91941f455bd1260b2d44ab9de7b3cfc1fff40fb56c4798afef02d8d012e
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
5c156222ef3eb1228001f6746c78136377d6f4f5387af85ee1ddf147d7e4263b
5f045a02ac49edc45abbfaf1b3c260c7ac7e0193456be4f1dc81b345c0d7a507
601837441752c96e0ce16346aa1dd61f984c6854cfafc2928355f8bb8c35c31c
6255e08ec3283e0c5d5320814ae89fef9dc907528a56a914f5737bbd3c480bb9
65b71260aaf2902a4bedc0408a564fd6ebb5bbde78a9867b38bfa709dcc2c24e
66681843d2dddef898a0e614bc668cab30aceecd7a0d89965b7b0447bfcf14c4
6808606f67ead23715cb9cb39b526193616113b8e5728b7ee36eb659bfc4f81a
6eda1593a088e77f6f338561b24051361c702f9046c8d3154450619fbacc925e
74c26e537842a63c8b131702b446c6c5f0f4bc022703a4df1494113812b73335
74fb6fd562fa0fbbd20a46d709187a3bf572b52fa071c2a4f8482f864bc1a0d7
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
78da1701130cff315a738309e9a1636114a0261cdc64f8ee6785575457110a85
7b5e884ac6bca471440d62a21038e1b0342c4bc6e840388256b5f4137c2e666e
7f0690cc7aa3e0a4f7ad0894766c1db5c291fb1d4840bfe4ab91cb393b77a608
810e25ccf5444427aeaf905afc9fc0ad24eeccbb4bc22de7c3572a978a772a77
84ca83097977463be96eb6ee5ee4fd8208864ef04abae57fe837c656154d2793
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b975e3e6910f571ee21a21922394a133e7cfd1ae1207bab6d5a629c142321aa
8c7787c3a784efd64314202ef49eb5a274825d80cfa8b0fcfe2039ca8f311e49
92c863d2d2c6231dd341c4ad2977cb86fce24a8c5e460009f35488c8b7a92ea1
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93a9d9d5a4ab5dcdb27f996468a6d5f09b7d4a4d784aadbf95ffd69809740566
98cfbc4941d976520dde0a548b87b499e1c0454f9bc38aeb581b9e13b1e219a7
9bfb5242b9e81314450cf0e737906cc5fd97c54dbc8f024daabe64bc310b8b2e
9cd37aa027c8539bd71677e5c17400c240e5563a65a114ecbbd561e72be28c15
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cd72a2bc2315d2eb1236c9357592514a63cc29b355dea5ccfdea477de6c8f1
a4ddb19a724fe9ddb3ef72c31d2eea21840f495220dc653909340b8cd70692c6
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a62a195b293cb64d2210b9ff1b3eb5bf4c0a3b93df529a53fa44f0c90561d082
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a80f59974c5ccd387deec03610ed74dca814b0b9b42154efc24b763baf41ab25
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b1d2559162fd73cd23bc46ba1447216b6de912a5663f67eb379117e72d42fd22
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b41e379eb63cf215a52ae159f210dbe58ab9e6d9b3e84f6c908d3e80da7a3c14
b46c99b0ab99ea411bb99b8b17ed07ed74c5e40ba005b886c614b5a536652917
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b8a7e9f048c30e7f75c75176225123a60adaa05afa3587de2726ca8013a8a005
c29a52c564bef2d326c8723396c01258f2d4ed22b85af4c5de81de5ee18180ae
c4d1097235e3d62bdc801199ce2e2a78d72c8ec112952e9b7ccb348f2f3015fb
c4f1509b81c2ab3166dcced2dc804fd62fd6339679715bb93788f2d2a4a34215
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13
d14d183511e8d8ac1bf94246195e7ccd3ca0c4ae4e9bff44e8c22c2474ed0077
d6d0cbbd4b98e42144157dfca58e735ed256ea70f70483c26b2b5c365717a3b2
d9ebe24a565a41a87adc5de5b4c0e8ca3d478af54d64d315c32ad0425ce991ce
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfcafe8127682bc5180f7d62f7bc3cb4195474302106bd7b29fb9751db44b0de
e09406c4489f5b31f50d9e94da0b254121bf0bdb9e079c82d53a8734ac7cc321
e1ccde1698c49dad6c2cbae7d1c8187a42268ccb80387a5bf3561f90f0bba488
e37896d7e638b343bee86fc2e3cf3b746d884b6e02cda06ad4ff115b103b0f9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4702fbb2e7f984de5f3668eb9bdcb08b2031694022045034084ea552b7950ee
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8258025a52d6a39d0e785515c413aaff00fccf50630654e0545907c28992530
e9b03aa892e17dfd9c64bd6c8cff4bda900a8e041764e25e7c23121e3bfc9ad4
ea13469d1830c2857900e907446c214d67166e3377285f52439665d47aa9a12e
ee9b8e4e2413a5b123288999d4a6d302afe31e08df6015b5a8efb4b127b23d4a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7980c585421d1ea00766e57b4ee23676823bebf4c5619e8779d8e5ad481987
f02c316d98e7c14bcbc6f6a72d31f4f1644818a6771f14535cb1676812bda947
f3932e62b4ca1e14d91eaeff13bc9b5c8519b08083bd2f6748fd44877693f526
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.td.org Open in urlscan Pro 2606:4700:10::6816:4f93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

133 Requests

96 %HTTPS

60 %IPv6

30 Domains

46 Subdomains

43 IPs

4 Countries

6956 kBTransfer

10177 kBSize

31 Cookies

47 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.td.org Open in urlscan Pro
2606:4700:10::6816:4f93 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

96 %
HTTPS

60 %
IPv6

30
Domains

46
Subdomains

43
IPs

4
Countries

6956 kB
Transfer

10177 kB
Size

31
Cookies

133 HTTP transactions
4 data transactions