andareincentives.com Open in urlscan Pro
2620:12a:8000::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://d10dt004.na1.hubspotlinksstarter.com/Ctc/W2%20113/d10dt004/VVsBKN3T-sgvW3c1PLc76gZBSW93kvSZ4TC7W9N7xs-wc3l0fcV1-WJV7CgTpkVTRjSv1VFK8j...
Effective URL:
https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8...
Submission: On December 21 via api (December 21st 2022, 4:13:58 pm UTC) from US — Scanned from DE

Summary HTTP 110 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 21 domains to perform 110 HTTP transactions. The main IP is 2620:12a:8000::3, located in United States and belongs to FASTLY, US. The main domain is andareincentives.com.
TLS certificate: Issued by R3 on November 20th 2022. Valid for: 3 months.

This is the only time andareincentives.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:440... 2606:4700:4400::ac40:9615	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	2620:12a:8000::3 2620:12a:8000::3	54113 (FASTLY) (FASTLY)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
8	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
13	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223e:5400:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.239.165.78 44.239.165.78	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
5	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
110	27

2 2606:4700:4400::ac40:9615 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

d10dt004.na1.hubspotlinksstarter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2620:12a:8000::3 (United States)

ASN54113 (FASTLY, US)

andareincentives.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200e (Ireland)

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223e:5400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.165.78 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-165-78.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	andareincentives.com andareincentives.com	5 MB
22	stripe.com js.stripe.com — Cisco Umbrella Rank: 982 q.stripe.com — Cisco Umbrella Rank: 6290 r.stripe.com — Cisco Umbrella Rank: 4101 m.stripe.com — Cisco Umbrella Rank: 976	282 KB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 73	828 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	113 KB
5	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 336	15 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 jnn-pa.googleapis.com — Cisco Umbrella Rank: 182	32 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 static.doubleclick.net — Cisco Umbrella Rank: 202	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1099	16 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 686	97 KB
2	hubspotlinksstarter.com 1 redirects d10dt004.na1.hubspotlinksstarter.com	3 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 221	523 B
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2327	890 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 82	22 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 213	2 KB
1	googlevideo.com redirector.googlevideo.com — Cisco Umbrella Rank: 855	970 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2228	63 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2217	20 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2271	837 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	43 KB
110	21

	Domain	Requested by
43	andareincentives.com	d10dt004.na1.hubspotlinksstarter.com andareincentives.com
10	www.youtube.com	andareincentives.com www.youtube.com
9	r.stripe.com	js.stripe.com
8	js.stripe.com	andareincentives.com js.stripe.com
5	js-agent.newrelic.com	andareincentives.com
4	q.stripe.com	d10dt004.na1.hubspotlinksstarter.com
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	code.jquery.com	andareincentives.com
2	d10dt004.na1.hubspotlinksstarter.com	1 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	track.hubspot.com
1	www.google.com	www.youtube.com
1	m.stripe.com	m.stripe.network
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	redirector.googlevideo.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	fonts.googleapis.com	andareincentives.com
1	js.hs-scripts.com	andareincentives.com
1	www.googletagmanager.com	andareincentives.com
110	27

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
hubspotlinksstarter.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
andareincentives.com R3	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-12-15` - `2024-01-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
Frame ID: 3C9367D3EC9DB21463ECD9731C429E5A
Requests: 64 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ZcQSzhTBKXQ
Frame ID: 2A83C96E054AE4482F96B8625106B368
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: CB1A4BA683CABC03A0E4C466EAC92E69
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-6f1454e4b56b1802d6355e856265f8b9.html
Frame ID: 2CF3C1B4311CA76977345CE3C1B30008
Requests: 14 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5F8C8B24E9BC8028DB52E4854861B756
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Incentive Travel Destinations • Andaré

Page URL History Show full URLs

https://d10dt004.na1.hubspotlinksstarter.com/Ctc/W2%20113/d10dt004/VVsBKN3T-sgvW3c1PLc76gZBSW93kvSZ4TC7W9N7xs-wc3l0fcV1-W... Page URL
https://d10dt004.na1.hubspotlinksstarter.com/events/public/v1/encoded/track/tc/W2%20113/d10dt004/VVsBKN3T-sgvW3c1PLc76gZB... HTTP 307
https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

110
Requests

99 %
HTTPS

81 %
IPv6

21
Domains

27
Subdomains

27
IPs

4
Countries

7163 kB
Transfer

11257 kB
Size

13
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/andareincentives/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/andareincentives

Search URL Search Domain Scan URL

URL: https://www.instagram.com/andareincentives/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://d10dt004.na1.hubspotlinksstarter.com/Ctc/W2%20113/d10dt004/VVsBKN3T-sgvW3c1PLc76gZBSW93kvSZ4TC7W9N7xs-wc3l0fcV1-WJV7CgTpkVTRjSv1VFK8jW4ZKjMX8Y3b6WW7M6b9w6_FG-NVLKHN_2rlHnJW8GsLTX5mrJzgW6HMgs47x5bjzW2hhjLp8G2xvqN788mBltQThpW7q774l22GMjCW1bGNSk810jBnW5NLvKY3fpwxfW3lJTw_5wM5Y8N4_mFQ1rTzXbW8xSs3h2yzDj3W1ncZqQ3HX1BLW9gWmZs3CQsghW1BSHz-1j4NJVW5M1ZD24n6s_NW3GKxyf1vCZBJW5tD6dY7trmyx34681 Page URL
https://d10dt004.na1.hubspotlinksstarter.com/events/public/v1/encoded/track/tc/W2%20113/d10dt004/VVsBKN3T-sgvW3c1PLc76gZBSW93kvSZ4TC7W9N7xs-wc3l0fcV1-WJV7CgTpkVTRjSv1VFK8jW4ZKjMX8Y3b6WW7M6b9w6_FG-NVLKHN_2rlHnJW8GsLTX5mrJzgW6HMgs47x5bjzW2hhjLp8G2xvqN788mBltQThpW7q774l22GMjCW1bGNSk810jBnW5NLvKY3fpwxfW3lJTw_5wM5Y8N4_mFQ1rTzXbW8xSs3h2yzDj3W1ncZqQ3HX1BLW9gWmZs3CQsghW1BSHz-1j4NJVW5M1ZD24n6s_NW3GKxyf1vCZBJW5tD6dY7trmyx34681?_ud=79f09219-885c-4545-8230-e8decc7d3e2b&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

110 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVsBKN3T-sgvW3c1PLc76gZBSW93kvSZ4TC7W9N7xs-wc3l0fcV1-WJV7CgTpkVTRjSv1VFK8jW4ZKjMX8Y3b6WW7M6b9w6_FG-NVLKHN_2rlHnJW8GsLTX5mrJzgW6HMgs47x5bjzW2hhjLp8G2xvqN788mBltQThpW7q774l22GMjCW1bGNSk810jBnW5NLvKY3...
d10dt004.na1.hubspotlinksstarter.com/Ctc/W2%20113/d10dt004/ 10 KB
3 KB 467ms
430ms Document
text/html 2606:4700:4400::ac40:9615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d10dt004.na1.hubspotlinksstarter.com/Ctc/W2%20113/d10dt004/VVsBKN3T-sgvW3c1PLc76gZBSW93kvSZ4TC7W9N7xs-wc3l0fcV1-WJV7CgTpkVTRjSv1VFK8jW4ZKjMX8Y3b6WW7M6b9w6_FG-NVLKHN_2rlHnJW8GsLTX5mrJzgW6HMgs47x5bjzW2hhjLp8G2xvqN788mBltQThpW7q774l22GMjCW1bGNSk810jBnW5NLvKY3fpwxfW3lJTw_5wM5Y8N4_mFQ1rTzXbW8xSs3h2yzDj3W1ncZqQ3HX1BLW9gWmZs3CQsghW1BSHz-1j4NJVW5M1ZD24n6s_NW3GKxyf1vCZBJW5tD6dY7trmyx34681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 77d1e82fff27900c-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Wed, 21 Dec 2022 16:13:47 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-hubspot-correlation-id: f166f7e4-dfe0-4918-83dc-07b2e423f352
x-robots-tag: none

GET
H2

200

Primary Request / Show response
andareincentives.com/
Redirect Chain

https://d10dt004.na1.hubspotlinksstarter.com/events/public/v1/encoded/track/tc/W2%20113/d10dt004/VVsBKN3T-sgvW3c1PLc76gZBSW93kvSZ4TC7W9N7xs-wc3l0fcV1-WJV7CgTpkVTRjSv1VFK8jW4ZKjMX8Y3b6WW7M6b9w6_FG-N...
https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_...

158 KB
55 KB

1644ms
1065ms

Document
text/html

2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email

Requested by

Host: d10dt004.na1.hubspotlinksstarter.com
URL: https://d10dt004.na1.hubspotlinksstarter.com/Ctc/W2%20113/d10dt004/VVsBKN3T-sgvW3c1PLc76gZBSW93kvSZ4TC7W9N7xs-wc3l0fcV1-WJV7CgTpkVTRjSv1VFK8jW4ZKjMX8Y3b6WW7M6b9w6_FG-NVLKHN_2rlHnJW8GsLTX5mrJzgW6HMgs47x5bjzW2hhjLp8G2xvqN788mBltQThpW7q774l22GMjCW1bGNSk810jBnW5NLvKY3fpwxfW3lJTw_5wM5Y8N4_mFQ1rTzXbW8xSs3h2yzDj3W1ncZqQ3HX1BLW9gWmZs3CQsghW1BSHz-1j4NJVW5M1ZD24n6s_NW3GKxyf1vCZBJW5tD6dY7trmyx34681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2622843dcd4e80e82792aee39dd55c0a5c4d5d2a89ca8a72b14f10620a688d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://d10dt004.na1.hubspotlinksstarter.com/Ctc/W2%20113/d10dt004/VVsBKN3T-sgvW3c1PLc76gZBSW93kvSZ4TC7W9N7xs-wc3l0fcV1-WJV7CgTpkVTRjSv1VFK8jW4ZKjMX8Y3b6WW7M6b9w6_FG-NVLKHN_2rlHnJW8GsLTX5mrJzgW6HMgs47x5bjzW2hhjLp8G2xvqN788mBltQThpW7q774l22GMjCW1bGNSk810jBnW5NLvKY3fpwxfW3lJTw_5wM5Y8N4_mFQ1rTzXbW8xSs3h2yzDj3W1ncZqQ3HX1BLW9gWmZs3CQsghW1BSHz-1j4NJVW5M1ZD24n6s_NW3GKxyf1vCZBJW5tD6dY7trmyx34681
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=600
content-encoding: gzip
content-length: 56125
content-type: text/html; charset=UTF-8
date: Wed, 21 Dec 2022 16:13:49 GMT
link: <https://andareincentives.com/wp-json/>; rel="https://api.w.org/" <https://andareincentives.com/>; rel=shortlink
server: nginx
strict-transport-security: max-age=300
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-pantheon-styx-hostname: styx-fe3-a-6c8ff8b94-pphg6
x-served-by: cache-chi-kigq8000048-CHI, cache-maa10223-MAA
x-styx-req-id: 73801f84-814a-11ed-9311-32f8adc057bc
x-timer: S1671639228.241915,VS0,VE807

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 77d1e832cc2e900c-FRA
date: Wed, 21 Dec 2022 16:13:47 GMT
link: <https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email>; rel="canonical"
location: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-hubspot-correlation-id: 878d8c19-b9ed-46f6-85a1-e8d231f6d09f
x-robots-tag: none

GET
H2 200 wp-emoji-release.min.js Show response
andareincentives.com/wp-includes/js/ 14 KB
5 KB 258ms
258ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2

Requested by

Host: andareincentives.com
URL: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:49 GMT
age: 547531
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-4x2h5
content-length: 5247
x-served-by: cache-chi-klot8100040-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:17 GMT
server: nginx
x-timer: S1671639229.357693,VS0,VE1
etag: W/"639ad5b5-364d"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a1ef87ee-7c4f-11ed-a6ae-2ebce7380c33
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 60, 1

GET
H2 200 andare-public.css
andareincentives.com/wp-content/plugins/andare/public/css/ 98 B
292 B 338ms
336ms Stylesheet
text/css 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/plugins/andare/public/css/andare-public.css?ver=1.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:49 GMT
age: 547531
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-c8nvj
content-length: 106
x-served-by: cache-chi-klot8100156-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:16 GMT
server: nginx
x-timer: S1671639229.358828,VS0,VE9
etag: W/"639ad5b4-62"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: a1f2994c-7c4f-11ed-b4dc-3e1779448cd7
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 front.min.css
andareincentives.com/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 269ms
268ms Stylesheet
text/css 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

52f668d0c674f4029e8e4ff528bcc1e51307e6568c03c9c6a4d3ba6c9ac1302e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:49 GMT
age: 547531
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-554f6c46b4-zcmm7
content-length: 1289
x-served-by: cache-chi-kigq8000179-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:16 GMT
server: nginx
x-timer: S1671639229.359244,VS0,VE1
etag: W/"639ad5b4-1555"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: a1ef8a58-7c4f-11ed-a453-52216e101c18
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 jquery.lazyloadxt.spinner.css
andareincentives.com/wp-content/plugins/a3-lazy-load/assets/css/ 311 B
394 B 275ms
273ms Stylesheet
text/css 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=5.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:49 GMT
age: 547531
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-4x2h5
content-length: 213
x-served-by: cache-chi-klot8100059-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:16 GMT
server: nginx
x-timer: S1671639229.359651,VS0,VE1
etag: W/"639ad5b4-137"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: a1ef7874-7c4f-11ed-a6ae-2ebce7380c33
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 a3_lazy_load.min.css
andareincentives.com/wp-content/uploads/sass/ 127 B
387 B 269ms
268ms Stylesheet
text/css 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/uploads/sass/a3_lazy_load.min.css?ver=1564437088

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Fri, 27 Oct 2023 15:42:12 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:49 GMT
age: 547531
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-7b599b5964-jzs4c
content-length: 112
x-served-by: cache-chi-kigq8000071-CHI, cache-maa10223-MAA
last-modified: Tue, 11 Feb 2020 15:47:48 GMT
server: nginx
x-timer: S1671639229.359616,VS0,VE1
etag: W/"5e42cca4-7f"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: c20ea1a3-5544-11ed-b519-56cd16530d68
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 style.css
andareincentives.com/wp-content/themes/andare/ 162 KB
34 KB 275ms
274ms Stylesheet
text/css 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/themes/andare/style.css?ver=4.1.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7b5eab3530601730aeeb92088210c53ffffbdce53f0fd70c8a188243a4519c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:49 GMT
age: 547531
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-554f6c46b4-zcmm7
content-length: 34593
x-served-by: cache-chi-klot8100096-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:18 GMT
server: nginx
x-timer: S1671639229.359612,VS0,VE2
etag: W/"639ad5b6-2873e"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: a1ef842f-7c4f-11ed-a453-52216e101c18
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 print.css
andareincentives.com/wp-content/themes/andare/ 1 KB
812 B 274ms
272ms Stylesheet
text/css 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/themes/andare/print.css?ver=4.1.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c91074d9eec7957eb6cf4b1289a8f6689af575754d5f876cf3714feae7068d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:49 GMT
age: 547531
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-554f6c46b4-rffwg
content-length: 575
x-served-by: cache-chi-kigq8000118-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:17 GMT
server: nginx
x-timer: S1671639229.359557,VS0,VE1
etag: W/"639ad5b5-5ae"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: a1ef7fa3-7c4f-11ed-9064-eefd1ef4bead
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 jquery-3.4.0.min.js Show response
code.jquery.com/ 86 KB
30 KB 2018ms
1280ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.0.min.js
Requested by: Host: andareincentives.com
URL: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:13:49 GMT
content-encoding: gzip
x-sp-metadata: HS256.CM39jJ0GEp8BCiQ5YzdmZTAzZi0zN2Y2LTQyYTgtYjJmNS0xMjg0MTRmNDFjOTIQ+OiCoKvU+wIaBgi94YydBiIkMjAwMTphYzg6MjA6M2EwMDoxMDExOjJmZjY6ZGI5NDo4YTMzKOraAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkZmE5NTE3ZGMtYjcyNS00MzlkLTljNjgtMTM2ZTJjNWM4MzQ4GKjvASIYCAISFGNkczIxNS5mcjguaHdjZG4ubmV0.84l0hS84qCMxzHkS/WVFQ8Id0pDEr3RrKXJNFiWf5/k=
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15857"
vary: Accept-Encoding
x-hw: 1671639229.dop133.fr8.t,1671639229.cds016.fr8.hn,1671639229.cds215.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30632

GET
H2 200 front.min.js Show response
andareincentives.com/wp-content/plugins/cookie-notice/js/ 9 KB
3 KB 336ms
335ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:49 GMT
age: 547531
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-nqsbk
content-length: 2503
x-served-by: cache-chi-klot8100044-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:16 GMT
server: nginx
x-timer: S1671639229.360041,VS0,VE3
etag: W/"639ad5b4-2474"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a1f05f6a-7c4f-11ed-9d5b-96dd7c75e493
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 rfp.js Show response
andareincentives.com/wp-content/plugins/andare/public/js/ 1018 B
658 B 336ms
335ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/plugins/andare/public/js/rfp.js?ver=1.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

71ff99066d74da4f8f3a8c9fbbbe84bf9b910748765309557c152b340a350490

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:49 GMT
age: 547531
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-554f6c46b4-rffwg
content-length: 476
x-served-by: cache-chi-kigq8000077-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:16 GMT
server: nginx
x-timer: S1671639229.360250,VS0,VE4
etag: W/"639ad5b4-3fa"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a1ef811e-7c4f-11ed-9064-eefd1ef4bead
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 / Show response
js.stripe.com/v3/ 408 KB
98 KB 38ms
9ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?ver=3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

22ff6d1b7484ac9419147f4d03ef30e5a0f4a5bb4f98ef4c053fbe2008db3876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 16:13:49 GMT
via: 1.1 varnish
age: 35
x-cache: HIT
content-length: 100370
x-request-id: caeffb73-475a-4a84-9eda-6edf0054f10a
x-served-by: cache-hhn-etou8220076-HHN
last-modified: Tue, 20 Dec 2022 22:06:18 GMT
server: Fastly
etag: "3da65f0a6b997182954653756071ec76"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11

GET
H2 200 stripe.min.js Show response
andareincentives.com/wp-content/plugins/restrict-content-pro/includes/gateways/stripe/js/ 3 KB
1 KB 335ms
334ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/plugins/restrict-content-pro/includes/gateways/stripe/js/stripe.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a806401e3fb66c7702de2e602f1da862d7a0120df8a1c76e5592fa03f2195f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:49 GMT
age: 547531
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-554f6c46b4-rffwg
content-length: 992
x-served-by: cache-chi-kigq8000082-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:16 GMT
server: nginx
x-timer: S1671639229.360228,VS0,VE1
etag: W/"639ad5b4-c34"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a1f19b21-7c4f-11ed-9064-eefd1ef4bead
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 register.min.js Show response
andareincentives.com/wp-content/plugins/restrict-content-pro/includes/gateways/stripe/js/ 4 KB
2 KB 514ms
514ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/plugins/restrict-content-pro/includes/gateways/stripe/js/register.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

de53b132680c6d47b477dc059b01330332c5427deb867bbad05c559618ac18db

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sun, 17 Dec 2023 05:44:22 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:49 GMT
age: 469767
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-g869j
content-length: 1584
x-served-by: cache-chi-klot8100136-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:16 GMT
server: nginx
x-timer: S1671639230.615766,VS0,VE1
etag: W/"639ad5b4-116b"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: b134a4a7-7d04-11ed-b8e1-42366567dba7
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 42ms
18ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156497543-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad23609197845c2941c0b152c925118d03248799352a13ff83c38f9e2805942c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:13:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43579
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Dec 2022 16:13:51 GMT

GET
H2 200 Andare-Logo-RGB-Smoke.png
andareincentives.com/wp-content/uploads/2019/05/ 19 KB
19 KB 665ms
663ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2019/05/Andare-Logo-RGB-Smoke.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

af5bce79d299ff355872e8a6898f67f62e19d0e552bc822608ed25d71a60c045

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-d9f8897dc-xl9j5
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 09 Nov 2023 08:48:06 GMT
age: 547533
x-cache: HIT, MISS
content-length: 19272
x-served-by: cache-chi-klot8100024-CHI, cache-maa10223-MAA
last-modified: Tue, 11 Feb 2020 15:47:52 GMT
server: nginx
x-timer: S1671639231.428504,VS0,VE243
etag: "5e42cca8-4b48"
content-type: image/png
x-styx-req-id: 10963d14-5f42-11ed-8473-c22246630c74
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 intro-video.png
andareincentives.com/wp-content/uploads/2021/06/ 3 MB
3 MB 283ms
280ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2021/06/intro-video.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

73cb72b4f2673f0806a8b28718c9ce02f3600b396c3de248c3fc8d00731d503a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sun, 09 Jul 2023 21:27:22 GMT
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe3-a-85fdd6db88-kknn8
age: 547533
x-cache: HIT, HIT
content-length: 3042678
x-served-by: cache-chi-klot8100094-CHI, cache-maa10223-MAA
last-modified: Mon, 07 Jun 2021 13:33:06 GMT
server: nginx
traceparent: 00-385682f05821440c8153ca02520e8d06-742fb0f89f1c59ba-00
x-timer: S1671639231.428480,VS0,VE8
etag: "60be2012-2e6d76"
content-type: image/png
x-styx-req-id: c0c1a402-ff04-11ec-90d3-7ae799d76340
x-cloud-trace-context: 385682f05821440c8153ca02520e8d06/8372104814172854714;o=0
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 93, 1

GET
H2 200 andare-public.js Show response
andareincentives.com/wp-content/plugins/andare/public/js/ 838 B
741 B 259ms
259ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/plugins/andare/public/js/andare-public.js?ver=1.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:50 GMT
age: 547532
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-rmpqf
content-length: 486
x-served-by: cache-chi-klot8100030-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:16 GMT
server: nginx
x-timer: S1671639230.142207,VS0,VE2
etag: W/"639ad5b4-346"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a2203416-7c4f-11ed-859d-325db0282c22
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 register.js Show response
andareincentives.com/wp-content/plugins/andare/public/js/ 18 KB
6 KB 262ms
262ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/plugins/andare/public/js/register.js?ver=1.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7a78c3ae5b520d8ff4628c3fc35957ae8c99a5baf27979623a5e10249c648f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:50 GMT
age: 547531
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-rmpqf
content-length: 5784
x-served-by: cache-chi-klot8100154-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:16 GMT
server: nginx
x-timer: S1671639230.402398,VS0,VE1
etag: W/"639ad5b4-48f1"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a22d5d87-7c4f-11ed-859d-325db0282c22
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 8539398.js Show response
js.hs-scripts.com/ 974 B
837 B 157ms
139ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8539398.js?integration=WordPress
Requested by: Host: andareincentives.com
URL: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85250185e4fde34c9c1859729f3a25be2ab808cd373bde2169fb0043774fd679

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:13:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 21 Dec 2022 16:02:22 GMT
server: cloudflare
x-hubspot-correlation-id: 02487dd0-8b8e-4bef-a486-d06ddfd14c14
x-trace: 2BB666A557E74419D4CE513860D70251A27B15026EF01DDAE5E806A8B101
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://andareincentives.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 77d1e84b5dbe9207-FRA
expires: Wed, 21 Dec 2022 16:14:51 GMT

GET
H2 200 jquery.lazyloadxt.extra.min.js Show response
andareincentives.com/wp-content/plugins/a3-lazy-load/assets/js/ 3 KB
2 KB 264ms
264ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.4.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b8cf531ef85346abed1d97d7526e8033ed4712b6d51bd007e0a75ebbdc69882e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:50 GMT
age: 547532
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-554f6c46b4-7rfvg
content-length: 1587
x-served-by: cache-chi-klot8100114-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:16 GMT
server: nginx
x-timer: S1671639231.672207,VS0,VE1
etag: W/"639ad5b4-bc6"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a2319ed7-7c4f-11ed-bd93-f6613aa7272f
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 jquery.lazyloadxt.srcset.min.js Show response
andareincentives.com/wp-content/plugins/a3-lazy-load/assets/js/ 2 KB
1 KB 258ms
258ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.4.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:50 GMT
age: 547532
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-4x2h5
content-length: 782
x-served-by: cache-chi-klot8100111-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:16 GMT
server: nginx
x-timer: S1671639231.931771,VS0,VE1
etag: W/"639ad5b4-625"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a232bf4b-7c4f-11ed-a6ae-2ebce7380c33
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 jquery.lazyloadxt.extend.js Show response
andareincentives.com/wp-content/plugins/a3-lazy-load/assets/js/ 1 KB
688 B 258ms
258ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.4.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dca6dbc693e602af7d214ac98b0a069096f398efe0e3bf11a86b12ee08e40fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:51 GMT
age: 547533
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-554f6c46b4-rffwg
content-length: 433
x-served-by: cache-chi-klot8100079-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:16 GMT
server: nginx
x-timer: S1671639231.191273,VS0,VE1
etag: W/"639ad5b4-418"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a23238a9-7c4f-11ed-9064-eefd1ef4bead
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.0/ 247 KB
67 KB 367ms
367ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.0/jquery-ui.min.js
Requested by: Host: andareincentives.com
URL: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 78613a6e5bab939b078feae691fb0661e2b2671dcce1b1be66517203b2a7b3b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:13:51 GMT
content-encoding: gzip
x-sp-metadata: HS256.CM/9jJ0GEp8BCiQ4MjQ4YTAzYS01MTgyLTRkNjgtYjkxYi0wNDZmNzU0MTViMDgQ+OiCoKvU+wIaBgi/4YydBiIkMjAwMTphYzg6MjA6M2EwMDoxMDExOjJmZjY6ZGI5NDo4YTMzKOraAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMmJkODU5NmQtMTNiNi00OGNhLTgwNWItNzk5YzA0MDFkNDM1GOSQBCIYCAISFGNkczE1NC5mcjguaHdjZG4ubmV0.kS3eG+dIBVgYcVYPbjO0C8HwRvinRoZ5ziYrwBRUwHk=
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-3ddc9"
vary: Accept-Encoding
x-hw: 1671639231.dop133.fr8.t,1671639231.cds016.fr8.hn,1671639231.cds154.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67684

GET
H2 200 navigation.min.js Show response
andareincentives.com/wp-content/themes/andare/js/ 1 KB
802 B 266ms
263ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/themes/andare/js/navigation.min.js?ver=4.1.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9a99d2bb4a206485fe70e80d65b5fb32a07a477849029d3d99a551103e85e395

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:51 GMT
age: 547533
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-554f6c46b4-rffwg
content-length: 637
x-served-by: cache-chi-klot8100021-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:17 GMT
server: nginx
x-timer: S1671639231.425558,VS0,VE1
etag: W/"639ad5b5-58d"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a231f2f6-7c4f-11ed-9064-eefd1ef4bead
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 skip-link-focus-fix.min.js Show response
andareincentives.com/wp-content/themes/andare/js/ 325 B
420 B 267ms
264ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/themes/andare/js/skip-link-focus-fix.min.js?ver=4.1.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:51 GMT
age: 547533
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-c8nvj
content-length: 241
x-served-by: cache-chi-klot8100075-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:17 GMT
server: nginx
x-timer: S1671639231.427919,VS0,VE1
etag: W/"639ad5b5-145"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a23382b3-7c4f-11ed-b4dc-3e1779448cd7
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 slick.min.js Show response
andareincentives.com/wp-content/themes/andare/js/vendor/ 42 KB
13 KB 268ms
264ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/themes/andare/js/vendor/slick.min.js?ver=1.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0dd8f8a961047225564d517825814b79d7e55c95a5b584987aeadb2bcafe39ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:51 GMT
age: 547533
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-554f6c46b4-qqcf6
content-length: 12897
x-served-by: cache-chi-kigq8000177-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:17 GMT
server: nginx
x-timer: S1671639231.428165,VS0,VE1
etag: W/"639ad5b5-a74d"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a2322980-7c4f-11ed-9258-86e78ab30be0
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 modal.min.js Show response
andareincentives.com/wp-content/themes/andare/js/ 2 KB
784 B 281ms
278ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/themes/andare/js/modal.min.js?ver=4.1.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5b39b755213b90cccb823d221638472fef43a5d34ccded0ddbbff3b1e68f4fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:51 GMT
age: 547533
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-c8nvj
content-length: 618
x-served-by: cache-chi-kigq8000069-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:17 GMT
server: nginx
x-timer: S1671639231.428551,VS0,VE1
etag: W/"639ad5b5-693"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a2332580-7c4f-11ed-b4dc-3e1779448cd7
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 global.min.js Show response
andareincentives.com/wp-content/themes/andare/js/ 7 KB
2 KB 283ms
280ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-content/themes/andare/js/global.min.js?ver=4.1.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6a2bdf4967e9191b9c16acddc93a44b8075c3c8be19a2bb32adc262add1647e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:51 GMT
age: 547533
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-554f6c46b4-rffwg
content-length: 1835
x-served-by: cache-chi-klot8100146-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:17 GMT
server: nginx
x-timer: S1671639231.428546,VS0,VE2
etag: W/"639ad5b5-1b83"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a2323e17-7c4f-11ed-9064-eefd1ef4bead
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 wp-embed.min.js Show response
andareincentives.com/wp-includes/js/ 1 KB
1 KB 280ms
277ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://andareincentives.com/wp-includes/js/wp-embed.min.js?ver=5.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sat, 16 Dec 2023 08:08:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Dec 2022 16:13:51 GMT
age: 547533
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-a-554f6c46b4-7rfvg
content-length: 784
x-served-by: cache-chi-klot8100057-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:17 GMT
server: nginx
x-timer: S1671639231.428519,VS0,VE1
etag: W/"639ad5b5-59a"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a2337d7c-7c4f-11ed-bd93-f6613aa7272f
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 322ms
44ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:400,400i|Raleway:300,600,800

Requested by

Host: andareincentives.com
URL: https://andareincentives.com/wp-content/themes/andare/style.css?ver=4.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de605c6aa66689dda819a5f88e532577890afecb84018abc2e552d6dd9e6c197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 16:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 16:13:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 16:13:49 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i|Raleway:300,600,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://andareincentives.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:05:34 GMT
x-content-type-options: nosniff
age: 497297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:05:34 GMT

GET
H2 200 AdobeStock_230257189.jpg
andareincentives.com/wp-content/uploads/2020/08/ 152 KB
152 KB 653ms
652ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_230257189.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

01e6bfbd7468f878beadbed790ceb75eaf143c9ae45e8858b2bd0b472df0aa73

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-cf89c899f-lt2dq
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sun, 05 Nov 2023 07:28:57 GMT
age: 547533
x-cache: HIT, HIT
content-length: 155259
x-served-by: cache-chi-kigq8000138-CHI, cache-maa10223-MAA
last-modified: Mon, 10 Aug 2020 18:35:23 GMT
server: nginx
x-timer: S1671639231.443661,VS0,VE238
etag: "5f31936b-25e7b"
content-type: image/jpeg
x-styx-req-id: 580a192b-5c12-11ed-b173-56316baa722d
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 AdobeStock_321910200-e1602873843216.jpg
andareincentives.com/wp-content/uploads/2020/08/ 240 KB
241 KB 653ms
652ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_321910200-e1602873843216.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6bde0029508025e049f5414cb86bf217f05e16414a92b92c18b821cd774337ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-5c8dbccd65-5gsb5
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Nov 2023 19:28:58 GMT
age: 547533
x-cache: HIT, HIT
content-length: 246014
x-served-by: cache-chi-klot8100105-CHI, cache-maa10223-MAA
last-modified: Fri, 16 Oct 2020 18:44:03 GMT
server: nginx
x-timer: S1671639231.443639,VS0,VE242
etag: "5f89e9f3-3c0fe"
content-type: image/jpeg
x-styx-req-id: 6e896830-5a1b-11ed-bb52-0efde9d17ab1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 AdobeStock_289010147-e1598560005429.jpg
andareincentives.com/wp-content/uploads/2020/08/ 248 KB
248 KB 653ms
653ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_289010147-e1598560005429.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cc32a50039e29f209eae1374c48b332a726722a1f642cc12aa4b4c9f3e576ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-d9f8897dc-xl9j5
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 09 Nov 2023 06:31:09 GMT
age: 547533
x-cache: HIT, HIT
content-length: 253664
x-served-by: cache-chi-kigq8000044-CHI, cache-maa10223-MAA
last-modified: Thu, 27 Aug 2020 20:26:46 GMT
server: nginx
x-timer: S1671639231.443625,VS0,VE259
etag: "5f481706-3dee0"
content-type: image/jpeg
x-styx-req-id: eee87273-5f2e-11ed-8473-c22246630c74
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 AdobeStock_313810469.jpg
andareincentives.com/wp-content/uploads/2020/08/ 188 KB
188 KB 653ms
652ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_313810469.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

189f7252b612d8a109de74f6b2ce51468babcf2f3600b92e5ff7d90d4b0564b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-7d97bdd874-wqw8q
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 12 Oct 2023 05:00:38 GMT
age: 547533
x-cache: HIT, HIT
content-length: 192387
x-served-by: cache-chi-kigq8000072-CHI, cache-maa10223-MAA
last-modified: Mon, 10 Aug 2020 18:44:02 GMT
server: nginx
x-timer: S1671639231.443570,VS0,VE253
etag: "5f319572-2ef83"
content-type: image/jpeg
x-styx-req-id: a629086a-4921-11ed-9bcc-4e9ae89062cd
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 AdobeStock_234112827.jpg
andareincentives.com/wp-content/uploads/2020/08/ 265 KB
266 KB 654ms
653ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_234112827.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3e74fac68df0b383623e0463b25398514cc891796a79c2c544269000b3db88e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-77b587f5fd-6w7r2
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 16 Nov 2023 21:10:52 GMT
age: 547533
x-cache: HIT, HIT
content-length: 271615
x-served-by: cache-chi-kigq8000030-CHI, cache-maa10223-MAA
last-modified: Mon, 10 Aug 2020 18:20:02 GMT
server: nginx
x-timer: S1671639231.443520,VS0,VE271
etag: "5f318fd2-424ff"
content-type: image/jpeg
x-styx-req-id: fc650eb9-6529-11ed-b88b-3ef81bae84e3
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 AdobeStock_132008025-1024x410.jpg
andareincentives.com/wp-content/uploads/2020/08/ 67 KB
67 KB 650ms
649ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_132008025-1024x410.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0f5b96176b58de445ba4e11385135d392e57eb6e12b942d3d09f54c45f4879ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-f545f84c8-j6jlg
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Fri, 20 Oct 2023 06:45:19 GMT
age: 547533
x-cache: HIT, HIT
content-length: 68709
x-served-by: cache-chi-klot8100169-CHI, cache-maa10223-MAA
last-modified: Tue, 04 Aug 2020 02:10:09 GMT
server: nginx
x-timer: S1671639231.445313,VS0,VE243
etag: "5f28c381-10c65"
content-type: image/jpeg
x-styx-req-id: 98f910cb-4f79-11ed-a1f8-aaf5cbb38471
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 AdobeStock_223517544-1024x316.jpg
andareincentives.com/wp-content/uploads/2020/08/ 56 KB
57 KB 651ms
650ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_223517544-1024x316.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

422d54bb870d6dd8b835cbe38bc7460ccc78a020483e9e785cc1cf2c9ac8691a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-85d4f54d6b-jlbhq
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Wed, 08 Nov 2023 16:32:17 GMT
age: 284277
x-cache: HIT, HIT
content-length: 57827
x-served-by: cache-chi-kigq8000101-CHI, cache-maa10223-MAA
last-modified: Tue, 04 Aug 2020 02:11:04 GMT
server: nginx
x-timer: S1671639231.445283,VS0,VE257
etag: "5f28c3b8-e1e3"
content-type: image/jpeg
x-styx-req-id: beb04927-5eb9-11ed-bb8a-a2f62aaeec58
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 AdobeStock_199198354-1024x575.jpg
andareincentives.com/wp-content/uploads/2020/08/ 197 KB
197 KB 649ms
649ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_199198354-1024x575.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7551c3d9d90e52f35c650b1dff3fd232d444a59c79ce05db5037c5e4f9912a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-7b599b5964-qgkfg
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 26 Oct 2023 12:17:21 GMT
age: 547533
x-cache: HIT, HIT
content-length: 201505
x-served-by: cache-chi-klot8100113-CHI, cache-maa10223-MAA
last-modified: Tue, 04 Aug 2020 02:11:56 GMT
server: nginx
x-timer: S1671639231.445254,VS0,VE245
etag: "5f28c3ec-31321"
content-type: image/jpeg
x-styx-req-id: f9adc4b2-545e-11ed-a0b3-96e0d6462d44
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 19 KB
20 KB 27ms
15ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i|Raleway:300,600,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://andareincentives.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:28:36 GMT
x-content-type-options: nosniff
age: 499515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 21:28:36 GMT

GET
H2 200 ZcQSzhTBKXQ Show response
www.youtube.com/embed/ Frame 2A83 71 KB
31 KB 81ms
59ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ZcQSzhTBKXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0b1ab4e90ca6515e211b04eb0da10d992956b629d8452a36a217de9ac572720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://andareincentives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 16:13:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AdobeStock_99063381-1024x768.jpg
andareincentives.com/wp-content/uploads/2020/08/ 182 KB
182 KB 633ms
630ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_99063381-1024x768.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5cd9ef4234ee0fccbf1656d0227b8f8c3fed39fe79ffbf7f00e57eba39f61071

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-554f6c46b4-hlxl7
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sat, 02 Dec 2023 13:57:14 GMT
age: 547533
x-cache: HIT, HIT
content-length: 186320
x-served-by: cache-chi-klot8100077-CHI, cache-maa10223-MAA
last-modified: Tue, 04 Aug 2020 02:12:48 GMT
server: nginx
x-timer: S1671639231.465037,VS0,VE242
etag: "5f28c420-2d7d0"
content-type: image/jpeg
x-styx-req-id: 0f506fcb-7180-11ed-9c64-56509290035a
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 flourish-pattern.png
andareincentives.com/wp-content/themes/andare/images/ 120 KB
121 KB 1116ms
1113ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/themes/andare/images/flourish-pattern.png

Requested by

Host: andareincentives.com
URL: https://andareincentives.com/wp-content/themes/andare/style.css?ver=4.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ca332a03d71a831045e844c71a5e350a73c2e5b4f17a2501a1336261a791df06

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/wp-content/themes/andare/style.css?ver=4.1.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-nqsbk
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:52 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sat, 16 Dec 2023 08:08:18 GMT
age: 547534
x-cache: HIT, MISS
content-length: 123285
x-served-by: cache-chi-kigq8000115-CHI, cache-maa10223-MAA
last-modified: Thu, 15 Dec 2022 08:07:17 GMT
server: nginx
x-timer: S1671639232.692934,VS0,VE417
etag: "639ad5b5-1e195"
content-type: image/png
x-styx-req-id: a2458213-7c4f-11ed-9d5b-96dd7c75e493
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 4, 0

GET
H2 200 AdobeStock_182530897-1024x324.jpg
andareincentives.com/wp-content/uploads/2020/08/ 22 KB
22 KB 874ms
871ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_182530897-1024x324.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ce1aa47055e2b335d138a29b86bb646c936a673c9d182fb84b1c94bfd606e4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-7c46558dd5-2vxwk
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sat, 11 Nov 2023 06:39:01 GMT
age: 547534
x-cache: HIT, HIT
content-length: 22279
x-served-by: cache-chi-kigq8000077-CHI, cache-maa10223-MAA
last-modified: Tue, 04 Aug 2020 02:13:39 GMT
server: nginx
x-timer: S1671639232.692916,VS0,VE260
etag: "5f28c453-5707"
content-type: image/jpeg
x-styx-req-id: 5cc9ea94-60c2-11ed-8a44-324aede0989c
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 AdobeStock_235274956-1024x682.jpg
andareincentives.com/wp-content/uploads/2020/08/ 129 KB
130 KB 873ms
871ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_235274956-1024x682.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f3062b47dc327b131adbc67979640c36f710ac701da4a64d39267bfc6dc3bf74

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-trdmm
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sat, 02 Dec 2023 13:57:14 GMT
age: 547533
x-cache: HIT, HIT
content-length: 132319
x-served-by: cache-chi-kigq8000110-CHI, cache-maa10223-MAA
last-modified: Tue, 04 Aug 2020 02:14:30 GMT
server: nginx
x-timer: S1671639232.692889,VS0,VE260
etag: "5f28c486-204df"
content-type: image/jpeg
x-styx-req-id: 0f5a0d30-7180-11ed-90a4-3ede5d7aef68
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 AdobeStock_312433849-e1597153159911-1024x430.jpg
andareincentives.com/wp-content/uploads/2020/08/ 128 KB
129 KB 872ms
870ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_312433849-e1597153159911-1024x430.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6a5555b770a9693b4ed77aeb930afa9a1df64bd67e8b95315a8fc98308502064

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-85b85cd7b6-d4bdb
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sat, 02 Dec 2023 13:57:14 GMT
age: 547533
x-cache: HIT, HIT
content-length: 131556
x-served-by: cache-chi-kigq8000125-CHI, cache-maa10223-MAA
last-modified: Tue, 11 Aug 2020 13:39:20 GMT
server: nginx
x-timer: S1671639232.692874,VS0,VE246
etag: "5f329f88-201e4"
content-type: image/jpeg
x-styx-req-id: 0f5a3c0d-7180-11ed-a2f3-5ee6f775b52d
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 AdobeStock_114023010-1024x341.jpg
andareincentives.com/wp-content/uploads/2020/08/ 88 KB
89 KB 870ms
869ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_114023010-1024x341.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

08e8114a8b4540d7086299e1886753a8f24bc5d7aec4c38f64f139be5557a447

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-85d4f54d6b-cvgq9
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Wed, 08 Nov 2023 01:05:35 GMT
age: 547534
x-cache: HIT, HIT
content-length: 90533
x-served-by: cache-chi-klot8100084-CHI, cache-maa10223-MAA
last-modified: Tue, 04 Aug 2020 02:16:05 GMT
server: nginx
x-timer: S1671639232.692846,VS0,VE238
etag: "5f28c4e5-161a5"
content-type: image/jpeg
x-styx-req-id: 48f8a062-5e38-11ed-97ea-562d7e590eba
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 AdobeStock_165093450-e1597153190499-1024x402.jpg
andareincentives.com/wp-content/uploads/2020/08/ 95 KB
95 KB 872ms
870ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_165093450-e1597153190499-1024x402.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

632d17d46da52a4dd4aa467ff5f826d1ba32cc42c202dbe14cc2e1b54452a62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-5f89dfc8b4-9zvfw
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 19 Oct 2023 19:59:35 GMT
age: 547534
x-cache: HIT, HIT
content-length: 96941
x-served-by: cache-chi-kigq8000040-CHI, cache-maa10223-MAA
last-modified: Tue, 11 Aug 2020 13:39:51 GMT
server: nginx
x-timer: S1671639232.692825,VS0,VE254
etag: "5f329fa7-17aad"
content-type: image/jpeg
x-styx-req-id: 638198c7-4f1f-11ed-ba9f-a649361b6858
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 AdobeStock_161910883-e1598582045418.jpg
andareincentives.com/wp-content/uploads/2020/08/ 94 KB
94 KB 870ms
869ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_161910883-e1598582045418.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

21f68b4158e9ff4fa7937c033a36638fa9e9f51643e46d242d50bce7f852927c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-85d4f54d6b-fvmql
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Tue, 07 Nov 2023 21:15:36 GMT
age: 547534
x-cache: HIT, HIT
content-length: 95846
x-served-by: cache-chi-klot8100061-CHI, cache-maa10223-MAA
last-modified: Fri, 28 Aug 2020 19:55:05 GMT
server: nginx
x-timer: S1671639232.692810,VS0,VE238
etag: "5f496119-17666"
content-type: image/jpeg
x-styx-req-id: 2853c6b4-5e18-11ed-8418-f6637d554d16
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 AdobeStock_256679383-cropped-508x1024.jpg
andareincentives.com/wp-content/uploads/2020/08/ 108 KB
108 KB 871ms
870ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_256679383-cropped-508x1024.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4f2b668b3ba9a8199da275a7e2986cfe75472226fa17298080c71b590994b1a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-586884d754-6kjqj
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 26 Oct 2023 17:30:10 GMT
age: 547533
x-cache: HIT, HIT
content-length: 110525
x-served-by: cache-chi-kigq8000104-CHI, cache-maa10223-MAA
last-modified: Tue, 04 Aug 2020 02:22:31 GMT
server: nginx
x-timer: S1671639232.692776,VS0,VE253
etag: "5f28c667-1afbd"
content-type: image/jpeg
x-styx-req-id: ace4ecaf-548a-11ed-9e88-f2fd26f5f29e
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 AdobeStock_329035602-e1597153241818-1024x376.jpg
andareincentives.com/wp-content/uploads/2020/08/ 80 KB
80 KB 872ms
871ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://andareincentives.com/wp-content/uploads/2020/08/AdobeStock_329035602-e1597153241818-1024x376.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

aee3e1bef3c2428322274ce4a3cf2578d43bd59730ddb6fe2d5fb95da90c4bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-5f89dfc8b4-4ffb8
strict-transport-security: max-age=300
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 19 Oct 2023 16:56:44 GMT
age: 547533
x-cache: HIT, HIT
content-length: 81823
x-served-by: cache-chi-kigq8000155-CHI, cache-maa10223-MAA
last-modified: Tue, 11 Aug 2020 13:40:42 GMT
server: nginx
x-timer: S1671639232.692753,VS0,VE258
etag: "5f329fda-13f9f"
content-type: image/jpeg
x-styx-req-id: d861a3bb-4f05-11ed-a4cd-fe9282cb8eab
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
21ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156497543-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 14:27:21 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6390
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 21 Dec 2022 16:27:21 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/34f9b71c/ Frame 2A83 360 KB
49 KB 8ms
6ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcQSzhTBKXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZcQSzhTBKXQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 07:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49901
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 20 Dec 2023 07:53:08 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/ Frame 2A83 316 KB
98 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcQSzhTBKXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1bc98f188a5797fcbe67ffd72028347b81fb7cafca30994789f953694e81c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZcQSzhTBKXQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 04:02:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100066
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Dec 2023 04:02:59 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/ Frame 2A83 2 MB
587 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcQSzhTBKXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cc630686190c6b0588372183c91c0981c79bfdbe03d7e019f581da24c48cedf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZcQSzhTBKXQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 506242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600672
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Dec 2023 19:36:29 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/34f9b71c/fetch-polyfill.vflset/ Frame 2A83 9 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcQSzhTBKXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZcQSzhTBKXQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 13:46:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 20 Dec 2023 13:46:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2A83 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcQSzhTBKXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 359761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:17:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2A83 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcQSzhTBKXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 150752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 22:21:19 GMT

GET
H2 200 8539398.js Show response
js.hs-analytics.net/analytics/1671639000000/ 64 KB
20 KB 222ms
189ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1671639000000/8539398.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8539398.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef882dec5480d3e0eaa9fb95351664ac38bbaaa1931d2f1375e1ec98a5a08c80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:13:51 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: SYNN61JT24XSA1GV
x-amz-server-side-encryption: AES256
x-amz-id-2: JHfrd8SYUd74e6LEPNatJXjTS9LCRef2YEDVBs0k+3mI10gOdtydLFSnhY5eOBmCnXg3Z+W8Q04PLk1HY076iA==
last-modified: Thu, 01 Dec 2022 14:38:35 GMT
server: cloudflare
etag: W/"732781c9789cd93949b411850f05e93a"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 77d1e84c7f485b2c-FRA
expires: Wed, 21 Dec 2022 16:18:51 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/8539398/ 202 KB
63 KB 273ms
244ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/8539398/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8539398.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3ba2a8d8471885c260c54332e080987ab4995a2fd72ddb3fcb4792672761d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:13:51 GMT
x-amz-version-id: e1nThibPPds_TPNukE2WjRQUw2Sp3ZM8
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: M16YP53NRQ7FCH69
x-amz-server-side-encryption: AES256
x-amz-id-2: NfKNWBhgzN/5An79Mle5C2ZL0gFxwS0a8bS+rxPMGN1V38FFh7GwfSAjfJQZiw9BVg6JXOUQgtg=
last-modified: Thu, 08 Dec 2022 22:33:10 GMT
server: cloudflare
etag: W/"21ad30d9332e866bdfc2713a78f50541"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://andareincentives.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 77d1e84c7e0b905b-FRA
expires: Wed, 21 Dec 2022 16:18:51 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 83ms
41ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2147403722&t=pageview&_s=1&dl=https%3A%2F%2Fandareincentives.com%2F%3Futm_medium%3Demail%26_hsmi%3D238108283%26_hsenc%3Dp2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA%26utm_content%3D238108283%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Incentive%20Travel%20Destinations%20%E2%80%A2%20Andar%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1614683880&gjid=1364764061&cid=1979296167.1671639231&tid=UA-156497543-1&_gid=1870012200.1671639231&_r=1&gtm=2oubu0&z=1272248789

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://andareincentives.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 16:13:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://andareincentives.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2A83
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

83ms
41ms

XHR
application/json

2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcQSzhTBKXQ

Protocol

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de90f16b05e71d4a04f1b09c09a723989156805d9c3e9afd5572db4b9ed53051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Dec 2022 16:13:51 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2A83 29 B
587 B 81ms
20ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:09:31 GMT
x-content-type-options: nosniff
age: 260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 16:24:31 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 34ms
13ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 21 Dec 2022 16:13:51 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 initplayback Show response
redirector.googlevideo.com/ Frame 2A83 333 B
970 B 102ms
40ms XHR
text/plain 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=2001%3Aac8%3A20%3A3a00%3A1011%3A2ff6%3Adb94%3A8a33&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=77984

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ClientMapServer /

Resource Hash

f713debb74a1065fdf400328f4060aaf9ced1c05a0b811d4bd4225e97d9162cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2A83 66 KB
30 KB 34ms
19ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47653a9f7018becce411a759f283d85760fc921b1aec897a2386d5506d0d0b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 21 Dec 2022 16:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30944
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/ Frame 2A83 119 KB
37 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c8e8e9a0287e699e1c4192f000a0ac325684974d4047f5c3c9f0420298b9fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZcQSzhTBKXQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 506242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37385
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Dec 2023 19:36:29 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/ Frame 2A83 26 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

022f474afc5749850b98dd19ed71a3ef48a8ac19a0bed7dff972fd611d6b23fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZcQSzhTBKXQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 05:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 298880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8313
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Dec 2023 05:12:31 GMT

GET
DATA 200
OK truncated
/ Frame 2A83 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu9t9FBPSgX0Lo_UYcXCIBhxK7ijoZgLr9TthSFP=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2A83 1 KB
2 KB 83ms
22ms Image
image/jpeg 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu9t9FBPSgX0Lo_UYcXCIBhxK7ijoZgLr9TthSFP=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcQSzhTBKXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f1e97ceeb117b85e8a6e0d2de5b519512b7c985cadbcd2bfbce67a9dc90160b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 15:58:05 GMT
x-content-type-options: nosniff
age: 946
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1467
x-xss-protection: 0
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 22 Dec 2022 15:58:05 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/ZcQSzhTBKXQ/ Frame 2A83 21 KB
22 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:802::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ZcQSzhTBKXQ/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGEkgUChlMA8=&rs=AOn4CLBK2frHSX_MWUIhnvIIzGyEzK1snQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcQSzhTBKXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd33502eaf639cbe8a9a79da517a0daa919a4533fd747ecbdee592cfa0b6bbf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:02:29 GMT
x-content-type-options: nosniff
age: 682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21926
x-xss-protection: 0
server: sffe
etag: "1619465531"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Dec 2022 18:02:29 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2A83 90 B
134 B 17ms
16ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7184cfaf7c4c8bcff763199419aafaa5e91a79a784144ba518fc61bfc3f60b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 21 Dec 2022 16:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 21 Dec 2022 16:13:51 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame CB1A 200 B
809 B 7ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://andareincentives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1174128
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 21 Dec 2022 16:13:51 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 07 Dec 2022 23:30:12 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 619901
x-content-type-options: nosniff
x-request-id: 436f3f85-03e7-4e32-8688-dce18e100d38
x-served-by: cache-hhn-etou8220076-HHN

GET
H2 200 controller-6f1454e4b56b1802d6355e856265f8b9.html Show response
js.stripe.com/v3/ Frame 2CF3 325 B
655 B 6ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-6f1454e4b56b1802d6355e856265f8b9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

82d68ba82db254a2595995b873d65ed9b8e09f3772e6ea3898515a26e5df5660

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://andareincentives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 20
cache-control: max-age=60
content-encoding: br
content-length: 151
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 21 Dec 2022 16:13:51 GMT
etag: "6f1454e4b56b1802d6355e856265f8b9"
last-modified: Tue, 20 Dec 2022 21:38:21 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 8
x-content-type-options: nosniff
x-request-id: 9c3a765b-8512-4107-8d89-bfdfe0e9421d
x-served-by: cache-hhn-etou8220076-HHN

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2A83 4 KB
3 KB 42ms
15ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 16:13:51 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame CB1A 0
571 B 508ms
165ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Dec 2022 16:13:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame CB1A 0
570 B 510ms
167ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Dec 2022 16:13:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CB1A 631 B
640 B 7ms
6ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish
age: 1174127
x-cache: HIT
content-length: 332
x-request-id: 8d3e67ff-50ed-489f-8998-4b987c62e780
x-served-by: cache-hhn-etou8220076-HHN
last-modified: Wed, 07 Dec 2022 23:30:11 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 557571

POST
H2 200 csp-report
q.stripe.com/ Frame 2CF3 0
570 B 510ms
171ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Dec 2022 16:13:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-369d01c0443af0992881b897ee26ef92.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2CF3 294 KB
66 KB 7ms
6ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-369d01c0443af0992881b897ee26ef92.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-6f1454e4b56b1802d6355e856265f8b9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

027bb427cfad18362ea262b368d2231df61739dd8b720198b5225d82d779fda3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6f1454e4b56b1802d6355e856265f8b9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish
age: 66832
x-cache: HIT
content-length: 67350
x-request-id: 76fa2d9c-0549-4fa2-ac63-071c2cf2d4cb
x-served-by: cache-hhn-etou8220076-HHN
last-modified: Tue, 20 Dec 2022 21:38:32 GMT
server: Fastly
etag: "a8469b2de9fe65538c03ace60dafff73"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9206

GET
H2 200 controller-e0b925ad24ea05f9619bc2d84838e487.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2CF3 456 KB
111 KB 10ms
9ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-e0b925ad24ea05f9619bc2d84838e487.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-6f1454e4b56b1802d6355e856265f8b9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f47853b57fe6a5a6d4c6273d65059bbab91059d0eec6b6cc75db9ed49e1da6f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6f1454e4b56b1802d6355e856265f8b9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 16:13:51 GMT
via: 1.1 varnish
age: 66831
x-cache: HIT
content-length: 113301
x-request-id: 221e1044-5715-42cb-b9ce-72fa9c5e63ca
x-served-by: cache-hhn-etou8220076-HHN
last-modified: Tue, 20 Dec 2022 21:38:30 GMT
server: Fastly
etag: "28ac061b68c94d40308f80281561689c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8364

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 5F8C 930 B
2 KB 24ms
8ms Document
text/html 2600:9000:223e:5400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 150
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 21 Dec 2022 16:11:22 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
x-amz-cf-id: okA40TqQik4tfxs4rcGQTeTUhwx_rPyAksb2DVF-NR1wahN_T1l1aQ==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2CF3 474 B
609 B 20ms
6ms Fetch
application/json 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-369d01c0443af0992881b897ee26ef92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ec8b39c18165351ae1ef050cee92204eec85d699cd3e960fb06e6d6bc0bb6e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-6f1454e4b56b1802d6355e856265f8b9.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 21 Dec 2022 16:13:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 20
x-cache: HIT
content-length: 294
x-request-id: c67c7aef-4b41-4e66-a05d-75bbc7a8cd8a
x-served-by: cache-hhn-etou8220078-HHN
last-modified: Tue, 20 Dec 2022 22:07:06 GMT
server: Fastly
etag: "d65442a3015883d94bf08a957d9d4662"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

POST
H2 200 csp-report
q.stripe.com/ Frame 5F8C 0
344 B 430ms
169ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 16:13:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 5F8C 86 KB
14 KB 8ms
7ms Script
text/javascript 2600:9000:223e:5400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 16:10:54 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 178
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: AXedEefrhsbiqTM_KFpkbB-_B4hhwjb5v48H0A8MrBG8xNOblBYwSA==

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/108/ Frame 2A83 52 KB
15 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/108/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15164
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 00:45:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 22 Dec 2022 11:04:11 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF3 0
128 B 676ms
311ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-369d01c0443af0992881b897ee26ef92.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Dec 2022 16:13:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF3 0
127 B 678ms
314ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-369d01c0443af0992881b897ee26ef92.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Dec 2022 16:13:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF3 0
127 B 678ms
314ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-369d01c0443af0992881b897ee26ef92.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Dec 2022 16:13:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF3 0
127 B 686ms
323ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-369d01c0443af0992881b897ee26ef92.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Dec 2022 16:13:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF3 0
127 B 677ms
315ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-369d01c0443af0992881b897ee26ef92.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Dec 2022 16:13:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF3 0
127 B 691ms
328ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-369d01c0443af0992881b897ee26ef92.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Dec 2022 16:13:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF3 0
127 B 690ms
328ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-369d01c0443af0992881b897ee26ef92.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Dec 2022 16:13:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 6 Show response
m.stripe.com/ Frame 5F8C 156 B
523 B 531ms
172ms XHR
application/json 44.239.165.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.165.78 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-165-78.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

642213f0924beec3e74bb21b8b17173f9e0c50c8ddb642c212ba06d1b58f8cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Dec 2022 16:13:52 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 200 get Show response
www.youtube.com/youtubei/v1/att/ Frame 2A83 22 KB
16 KB 27ms
26ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/att/get?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

1235f66dcedf2b0b1227e9ebeb66deb2f60267f1f122839593c5771ae3c95bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/ZcQSzhTBKXQ
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20221214.01.00
X-Goog-Visitor-Id: CgtIM1NuaWtVeFc4USi_4YydBg%3D%3D

Response headers

date: Wed, 21 Dec 2022 16:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15972
x-xss-protection: 0
expires: Wed, 21 Dec 2022 16:13:52 GMT

GET
H2 200 G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js Show response
www.google.com/js/th/ Frame 2A83 36 KB
14 KB 82ms
19ms Script
text/javascript 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 05:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14211
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 05:56:49 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 2A83 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?jKMxjg
Requested by: Host: andareincentives.com
URL: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZcQSzhTBKXQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:13:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 552.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 21 KB
6 KB 29ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by: Host: andareincentives.com
URL: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Dec 2022 16:13:52 GMT
x-amz-request-id: 0VBX1BWD3S1A6V8P
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5890
x-amz-id-2: pQ+jrNPUFKPfQ/gTJNpVZPsTUUUaoqSYT/RmuqthVo7lBwjCJux4bnlWYYDOD5Amd//bd70XbV0=
x-served-by: cache-hhn-etou8220021-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1671639233.897060,VS0,VE0
etag: "777ac0df4dba632ad1b2955c88dd51ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10056

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
890 B 199ms
178ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3792703849&v=1.1&a=8539398&ct=standard-page&rcu=https%3A%2F%2Fandareincentives.com%2F&pu=https%3A%2F%2Fandareincentives.com%2F%3Futm_medium%3Demail%26_hsmi%3D238108283%26_hsenc%3Dp2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA%26utm_content%3D238108283%26utm_source%3Dhs_email&t=Incentive+Travel+Destinations+%E2%80%A2+Andar%C3%A9&cts=1671639232884&vi=ea7a40ae02cb330692a46a099c323032&nc=true&u=37885180.ea7a40ae02cb330692a46a099c323032.1671639232881.1671639232881.1671639232881.1&b=37885180.1.1671639232881&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 16:13:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 81565a60-efe4-406f-af3a-1e310a355558
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkcViokT5gGQbTZ7Zg1XhaDiz3SsVP67WdETgx6BNGFA3c74iJRdFeA%2FFudRR0jxo3cmAhrsGKbecpzjxVn0CkjuEBEwbrcwW4jRs6sJOprDG0BUZC9lNplFjPuuPbAcftlqAqRKV4Wfh1YyNZNc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 77d1e855ae396973-FRA
x-robots-tag: none

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF3 0
127 B 168ms
168ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-369d01c0443af0992881b897ee26ef92.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Dec 2022 16:13:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 290.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 8ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by: Host: andareincentives.com
URL: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Dec 2022 16:13:53 GMT
x-amz-request-id: RRKTSGB1GZCRV89T
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3424
x-amz-id-2: 4l8iY1Ay2BHNb7bAAyZxHOGToVbGcN6NeFSHhghIiVqS7k6LFqaFdOqdUnsrfIawKvLFJTqoZdc=
x-served-by: cache-hhn-etou8220021-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671639233.010705,VS0,VE0
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10074

GET
H2 200 368.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 9ms
9ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by: Host: andareincentives.com
URL: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Dec 2022 16:13:53 GMT
x-amz-request-id: RRKWZFQQ82P9RYZP
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1443
x-amz-id-2: uHhi53JMteirXrk4bE2zQ2rfInN8pgMnDTKzRkPSovJM5y5AVhKYCmSakQr/ADpTIHYCwno/iPU=
x-served-by: cache-hhn-etou8220021-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671639233.011238,VS0,VE0
etag: "16b4f3676c3859e1378a2ccdebbad675"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10061

GET
H2 200 768.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 8ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by: Host: andareincentives.com
URL: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Dec 2022 16:13:53 GMT
x-amz-request-id: RRKJK0718AC26354
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: l8ESbNTyyn/P6dzRQLIojLa2rg4VwhS8fdNMFOt9gg/d/4/Kp0bjEjLMX+zdfv6F8ScooaaycLs=
x-served-by: cache-hhn-etou8220021-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671639233.010910,VS0,VE0
etag: "d6cc8b42eda6fd7734014b03b87b5787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10065

GET
H2 200 775.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 1 KB
837 B 8ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by: Host: andareincentives.com
URL: https://andareincentives.com/?utm_medium=email&_hsmi=238108283&_hsenc=p2ANqtz-9qBQc9psf5BSD3Qzb0i3M94oOX_-hgqHnzBmJoFLSXN3Tn8LbEfavsgBR8-d48cZ2QTP0HUM9wGRLNaNW3XcLs1TTjwA&utm_content=238108283&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Dec 2022 16:13:53 GMT
x-amz-request-id: RRKZW6YW5QXSXTC9
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 632
x-amz-id-2: 2hx6bADpueBAuZxvc4FgrJAgB75cBAbWtyO/2W1dg52zl/c4Dh4x5VSG4Lno06GEGXD2M/AJ6wU=
x-served-by: cache-hhn-etou8220021-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1671639233.010869,VS0,VE0
etag: "1dfdb74c0491489bf04c6deadb56add2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10078

GET
H/1.1 200
OK 90cb4d9363 Show response
bam.nr-data.net/1/ 49 B
523 B 320ms
286ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/90cb4d9363?a=426632421&v=1220.PROD&to=bwQHN0ZZCxJVBUwIC1ZOJABAUQoPGwBKDgpMTBUCU10%3D&rst=5695&ck=0&s=78816814a6161187&ref=https://andareincentives.com/&ap=434&be=1838&fe=3708&dc=2610&perf=%7B%22timing%22:%7B%22of%22:1671639227328,%22n%22:0,%22f%22:156,%22dn%22:158,%22dne%22:210,%22c%22:210,%22s%22:468,%22ce%22:736,%22rq%22:736,%22rp%22:1801,%22rpe%22:2099,%22dl%22:1803,%22di%22:4448,%22ds%22:4448,%22de%22:4454,%22dc%22:5546,%22l%22:5546,%22le%22:5558%7D,%22navigation%22:%7B%7D%7D&fp=3954&fcp=3954&at=Q0MEQQ5DGBw%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 16:13:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 77d1e856a8ca5c56-FRA

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2A83 28 B
54 B 29ms
29ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1671639233851
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ZcQSzhTBKXQ
X-YouTube-Client-Version: 1.20221214.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtIM1NuaWtVeFc4USi_4YydBg%3D%3D
X-YouTube-Ad-Signals: dt=1671639231429&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C948%2C533&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 21 Dec 2022 16:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 21 Dec 2022 16:13:53 GMT

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
343 B 7ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://andareincentives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 16:13:57 GMT
via: 1.1 varnish
age: 1172301
x-cache: HIT
content-length: 209
x-request-id: eb5735a6-92ac-4a8a-9c8b-5b1a665fb36d
x-served-by: cache-hhn-etou8220076-HHN
last-modified: Wed, 07 Dec 2022 23:30:11 GMT
server: Fastly
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 54602

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF3 0
127 B 173ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-369d01c0443af0992881b897ee26ef92.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Dec 2022 16:13:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: R-SR-7w-qDA
.youtube.com/	1970-01-20 12:39:51	Name: VISITOR_INFO1_LIVE Value: H3SnikUxW8Q
.andareincentives.com/	1970-01-20 17:56:39	Name: _ga Value: GA1.2.1979296167.1671639231
.andareincentives.com/	1970-01-20 08:22:05	Name: _gid Value: GA1.2.1870012200.1671639231
.andareincentives.com/	1970-01-20 08:20:39	Name: _gat_gtag_UA_156497543_1 Value: 1
m.stripe.com/	1970-01-20 17:56:39	Name: m Value: 4f3b3717-d757-4cd0-851c-ad67a09801cbc5cd3d
.andareincentives.com/	1970-01-20 17:06:15	Name: __stripe_mid Value: cce376be-9e3f-4e4e-820b-98bbe6f1c2fca7374e
.andareincentives.com/	1970-01-20 08:20:41	Name: __stripe_sid Value: 7482423b-cdcc-4ec0-88b1-c9758d3e33340da7ab
.andareincentives.com/	1970-01-20 12:39:51	Name: __hstc Value: 37885180.ea7a40ae02cb330692a46a099c323032.1671639232881.1671639232881.1671639232881.1
.andareincentives.com/	1970-01-20 12:39:51	Name: hubspotutk Value: ea7a40ae02cb330692a46a099c323032
.andareincentives.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.andareincentives.com/	1970-01-20 08:20:41	Name: __hssc Value: 37885180.1.1671639232881
.hubspot.com/	1970-01-20 08:20:41	Name: __cf_bm Value: G2hZQtIc01n7xd1fcscOfO9WABwuko8aVoqwnpMnCAQ-1671639233-0-AWf/SzVfWa8X3bINMFn/eIgmOG2WSn2PwSFhAeKerdJjdehQM9RWSMzQMM8umrv8VwPX5Gesxf+X2w5UIDEPAJI=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andareincentives.com
bam.nr-data.net
code.jquery.com
d10dt004.na1.hubspotlinksstarter.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
r.stripe.com
redirector.googlevideo.com
static.doubleclick.net
track.hubspot.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
151.101.0.176
151.101.66.137
162.247.241.14
2001:4de0:ac18::1:a:1a
2600:9000:223e:5400:19:7d10:bd80:93a1
2606:4700:4400::6812:21ab
2606:4700:4400::ac40:9615
2606:4700::6811:45b0
2606:4700::6811:d6cc
2606:4700::6813:9b53
2620:12a:8000::3
2a00:1450:4001:800::200e
2a00:1450:4001:802::2016
2a00:1450:4001:808::2003
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82f::200a
2a00:1450:400d:802::2002
2a00:1450:400d:803::2006
2a00:1450:400d:804::2001
2a00:1450:400d:808::200e
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2004
2a00:1450:400d:80d::200a
44.239.165.78
54.187.159.182
01e6bfbd7468f878beadbed790ceb75eaf143c9ae45e8858b2bd0b472df0aa73
022f474afc5749850b98dd19ed71a3ef48a8ac19a0bed7dff972fd611d6b23fe
027bb427cfad18362ea262b368d2231df61739dd8b720198b5225d82d779fda3
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
08e8114a8b4540d7086299e1886753a8f24bc5d7aec4c38f64f139be5557a447
0dd8f8a961047225564d517825814b79d7e55c95a5b584987aeadb2bcafe39ff
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0f5b96176b58de445ba4e11385135d392e57eb6e12b942d3d09f54c45f4879ee
1235f66dcedf2b0b1227e9ebeb66deb2f60267f1f122839593c5771ae3c95bdd
189f7252b612d8a109de74f6b2ce51468babcf2f3600b92e5ff7d90d4b0564b3
1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16
21f68b4158e9ff4fa7937c033a36638fa9e9f51643e46d242d50bce7f852927c
22ff6d1b7484ac9419147f4d03ef30e5a0f4a5bb4f98ef4c053fbe2008db3876
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2622843dcd4e80e82792aee39dd55c0a5c4d5d2a89ca8a72b14f10620a688d01
2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc
2c8e8e9a0287e699e1c4192f000a0ac325684974d4047f5c3c9f0420298b9fa2
2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5
321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e74fac68df0b383623e0463b25398514cc891796a79c2c544269000b3db88e1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
422d54bb870d6dd8b835cbe38bc7460ccc78a020483e9e785cc1cf2c9ac8691a
47653a9f7018becce411a759f283d85760fc921b1aec897a2386d5506d0d0b3f
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4f2b668b3ba9a8199da275a7e2986cfe75472226fa17298080c71b590994b1a8
52f668d0c674f4029e8e4ff528bcc1e51307e6568c03c9c6a4d3ba6c9ac1302e
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b39b755213b90cccb823d221638472fef43a5d34ccded0ddbbff3b1e68f4fa1
5cc630686190c6b0588372183c91c0981c79bfdbe03d7e019f581da24c48cedf
5cd9ef4234ee0fccbf1656d0227b8f8c3fed39fe79ffbf7f00e57eba39f61071
632d17d46da52a4dd4aa467ff5f826d1ba32cc42c202dbe14cc2e1b54452a62e
642213f0924beec3e74bb21b8b17173f9e0c50c8ddb642c212ba06d1b58f8cd2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a2bdf4967e9191b9c16acddc93a44b8075c3c8be19a2bb32adc262add1647e9
6a5555b770a9693b4ed77aeb930afa9a1df64bd67e8b95315a8fc98308502064
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bde0029508025e049f5414cb86bf217f05e16414a92b92c18b821cd774337ba
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7184cfaf7c4c8bcff763199419aafaa5e91a79a784144ba518fc61bfc3f60b60
71ff99066d74da4f8f3a8c9fbbbe84bf9b910748765309557c152b340a350490
73cb72b4f2673f0806a8b28718c9ce02f3600b396c3de248c3fc8d00731d503a
7551c3d9d90e52f35c650b1dff3fd232d444a59c79ce05db5037c5e4f9912a87
78613a6e5bab939b078feae691fb0661e2b2671dcce1b1be66517203b2a7b3b1
7a78c3ae5b520d8ff4628c3fc35957ae8c99a5baf27979623a5e10249c648f5d
7b5eab3530601730aeeb92088210c53ffffbdce53f0fd70c8a188243a4519c7c
82d68ba82db254a2595995b873d65ed9b8e09f3772e6ea3898515a26e5df5660
85250185e4fde34c9c1859729f3a25be2ab808cd373bde2169fb0043774fd679
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9a99d2bb4a206485fe70e80d65b5fb32a07a477849029d3d99a551103e85e395
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a806401e3fb66c7702de2e602f1da862d7a0120df8a1c76e5592fa03f2195f84
ad23609197845c2941c0b152c925118d03248799352a13ff83c38f9e2805942c
aee3e1bef3c2428322274ce4a3cf2578d43bd59730ddb6fe2d5fb95da90c4bf3
af5bce79d299ff355872e8a6898f67f62e19d0e552bc822608ed25d71a60c045
b0b1ab4e90ca6515e211b04eb0da10d992956b629d8452a36a217de9ac572720
b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56
b8cf531ef85346abed1d97d7526e8033ed4712b6d51bd007e0a75ebbdc69882e
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
c1bc98f188a5797fcbe67ffd72028347b81fb7cafca30994789f953694e81c9e
c91074d9eec7957eb6cf4b1289a8f6689af575754d5f876cf3714feae7068d38
ca332a03d71a831045e844c71a5e350a73c2e5b4f17a2501a1336261a791df06
cc32a50039e29f209eae1374c48b332a726722a1f642cc12aa4b4c9f3e576ea2
ce1aa47055e2b335d138a29b86bb646c936a673c9d182fb84b1c94bfd606e4a5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8
dca6dbc693e602af7d214ac98b0a069096f398efe0e3bf11a86b12ee08e40fcc
de53b132680c6d47b477dc059b01330332c5427deb867bbad05c559618ac18db
de605c6aa66689dda819a5f88e532577890afecb84018abc2e552d6dd9e6c197
de90f16b05e71d4a04f1b09c09a723989156805d9c3e9afd5572db4b9ed53051
e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec8b39c18165351ae1ef050cee92204eec85d699cd3e960fb06e6d6bc0bb6e1d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef882dec5480d3e0eaa9fb95351664ac38bbaaa1931d2f1375e1ec98a5a08c80
f1e97ceeb117b85e8a6e0d2de5b519512b7c985cadbcd2bfbce67a9dc90160b5
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f3062b47dc327b131adbc67979640c36f710ac701da4a64d39267bfc6dc3bf74
f3ba2a8d8471885c260c54332e080987ab4995a2fd72ddb3fcb4792672761d96
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f47853b57fe6a5a6d4c6273d65059bbab91059d0eec6b6cc75db9ed49e1da6f6
f713debb74a1065fdf400328f4060aaf9ced1c05a0b811d4bd4225e97d9162cb
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47
fd33502eaf639cbe8a9a79da517a0daa919a4533fd747ecbdee592cfa0b6bbf0

andareincentives.com Open in urlscan Pro 2620:12a:8000::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

99 %HTTPS

81 %IPv6

21 Domains

27 Subdomains

27 IPs

4 Countries

7163 kBTransfer

11257 kBSize

13 Cookies

3 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

andareincentives.com Open in urlscan Pro
2620:12a:8000::3 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

99 %
HTTPS

81 %
IPv6

21
Domains

27
Subdomains

27
IPs

4
Countries

7163 kB
Transfer

11257 kB
Size

13
Cookies

110 HTTP transactions
1 data transactions