refb.org Open in urlscan Pro
52.5.5.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://refb.org/
Effective URL:
https://refb.org/
Submission Tags: tranco_l324
Submission: On May 27 via api (May 27th 2024, 10:04:10 am UTC) from DE — Scanned from DE

Summary HTTP 78 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 16 domains to perform 78 HTTP transactions. The main IP is 52.5.5.85, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is refb.org.
TLS certificate: Issued by R3 on May 7th 2024. Valid for: 3 months.

This is the only time refb.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	52.5.5.85 52.5.5.85	14618 (AMAZON-AES) (AMAZON-AES)
23	18.244.18.5 18.244.18.5	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:44cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:2680	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.54.99.181 52.54.99.181	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:272... 2600:9000:2724:da00:b:c006:c80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	104.16.224.240 104.16.224.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:992	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700:20:... 2606:4700:20::681a:b13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:e61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:272... 2600:9000:2724:ca00:b:c006:c80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1	52.216.114.19 52.216.114.19	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
6	2606:4700:20:... 2606:4700:20::ac43:4adc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
78	25

3 52.5.5.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-5-85.compute-1.amazonaws.com

refb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 18.244.18.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-5.fra56.r.cloudfront.net

cdn.firespring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:44cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gtranslate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2680 (United States)

ASN13335 (CLOUDFLARENET, US)

redwood-empire-food-bank.givecloud.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.99.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-99-181.compute-1.amazonaws.com

signup.e2ma.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:da00:b:c006:c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed.e2ma.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.224.240 (None, )

ASN13335 (CLOUDFLARENET, US)

analytics.firespring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:992 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.sitesearch360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insights.sitesearch360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:b13 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

loader.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:e61 (United States)

ASN13335 (CLOUDFLARENET, US)

wisepops.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:ca00:b:c006:c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

dk98ddgl0znzm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.114.19 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

emma-content-aggregates-prd.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4adc (United States)

ASN13335 (CLOUDFLARENET, US)

activity.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	firespring.com cdn.firespring.com — Cisco Umbrella Rank: 109867 analytics.firespring.com — Cisco Umbrella Rank: 137184	2 MB
14	wisepops.com 1 redirects loader.wisepops.com — Cisco Umbrella Rank: 17725 cdn.wisepops.com — Cisco Umbrella Rank: 41600 activity.wisepops.com — Cisco Umbrella Rank: 17926 tracking.wisepops.com — Cisco Umbrella Rank: 44923	2 MB
10	gstatic.com fonts.gstatic.com www.gstatic.com	99 KB
5	sitesearch360.com cdn.sitesearch360.com — Cisco Umbrella Rank: 33170 insights.sitesearch360.com — Cisco Umbrella Rank: 32164	90 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 translate.googleapis.com — Cisco Umbrella Rank: 866	75 KB
3	wisepops.net wisepops.net — Cisco Umbrella Rank: 13588	31 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	257 KB
3	refb.org refb.org	16 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	303 B
2	e2ma.net signup.e2ma.net — Cisco Umbrella Rank: 99577 embed.e2ma.net — Cisco Umbrella Rank: 284363	9 KB
2	gtranslate.net cdn.gtranslate.net — Cisco Umbrella Rank: 20847	8 KB
1	amazonaws.com emma-content-aggregates-prd.s3.amazonaws.com — Cisco Umbrella Rank: 90337	527 B
1	cloudfront.net dk98ddgl0znzm.cloudfront.net	5 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 64
1	google.com translate.google.com — Cisco Umbrella Rank: 1182	32 KB
1	givecloud.co redwood-empire-food-bank.givecloud.co	578 KB
78	16

	Domain	Requested by
23	cdn.firespring.com	refb.org cdn.firespring.com
7	fonts.gstatic.com	fonts.googleapis.com refb.org
6	activity.wisepops.com	loader.wisepops.com
5	cdn.wisepops.com	loader.wisepops.com refb.org cdn.wisepops.com
4	fonts.googleapis.com	cdn.firespring.com redwood-empire-food-bank.givecloud.co cdn.wisepops.com
3	wisepops.net	refb.org loader.wisepops.com
3	cdn.sitesearch360.com	refb.org cdn.sitesearch360.com
3	www.gstatic.com	refb.org www.gstatic.com
3	www.googletagmanager.com	refb.org www.googletagmanager.com
3	refb.org	signup.e2ma.net cdn.firespring.com
2	tracking.wisepops.com	loader.wisepops.com
2	insights.sitesearch360.com	cdn.sitesearch360.com
2	region1.google-analytics.com	www.googletagmanager.com
2	analytics.firespring.com	refb.org analytics.firespring.com
2	cdn.gtranslate.net	refb.org
1	emma-content-aggregates-prd.s3.amazonaws.com	embed.e2ma.net
1	dk98ddgl0znzm.cloudfront.net	embed.e2ma.net
1	www.youtube.com	refb.org
1	loader.wisepops.com	1 redirects
1	translate.googleapis.com
1	embed.e2ma.net	refb.org
1	translate.google.com	refb.org
1	signup.e2ma.net	refb.org
1	redwood-empire-food-bank.givecloud.co	refb.org
78	24

This site contains links to these domains. Also see Links.

Domain
interland3.donorperfect.net
getfood.refb.org
simplebooklet.com
signup.e2ma.net
twitter.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com
www.211bayarea.org
www.feedingamerica.org
www.mealsonwheelsamerica.org
translate.google.com

Subject Issuer	Validity	Valid
refb.org R3	`2024-05-07` - `2024-08-05`	3 months	crt.sh
cdn.firespring.com Amazon RSA 2048 M02	`2023-11-01` - `2024-11-29`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
gtranslate.net E1	`2024-05-19` - `2024-08-17`	3 months	crt.sh
givecloud.co GTS CA 1P5	`2024-05-03` - `2024-08-01`	3 months	crt.sh
*.e2ma.net Amazon RSA 2048 M02	`2024-03-05` - `2025-04-02`	a year	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
analytics.firespring.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
sitesearch360.com GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
wisepops.net GTS CA 1P5	`2024-05-22` - `2024-08-20`	3 months	crt.sh
wisepops.com E1	`2024-04-25` - `2024-07-24`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://refb.org/
Frame ID: 2EB6357BAC94FBFE0FDD51AED58AB17F
Requests: 75 HTTP requests in this frame

Frame: https://www.youtube.com/embed/N8z5u5rGwlw?wmode=opaque&rel=0&autoplay=0&controls=1
Frame ID: 31530034D7FFDBC863176F3F3CB24858
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8E85488A083940B8A0D4CBC727FA47E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redwood Empire Food Bank

Page URL History Show full URLs

http://refb.org/ HTTP 307
https://refb.org/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

99 %
HTTPS

70 %
IPv6

16
Domains

24
Subdomains

25
IPs

3
Countries

5439 kB
Transfer

9518 kB
Size

16
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://interland3.donorperfect.net/weblink/WebLink.aspx?name=redempire&id=134
Title: DONATE

Search URL Search Domain Scan URL

URL: https://getfood.refb.org/
Title: GET FOOD

Search URL Search Domain Scan URL

URL: https://simplebooklet.com/2023communityimpactreport
Title: Our 2023 Impact Report is now available. Over 142,000 people across Sonoma County relied on your support in 2023. View the Report

Search URL Search Domain Scan URL

URL: https://signup.e2ma.net/signup/1931774/1922935
Title: Sign up here

Search URL Search Domain Scan URL

URL: https://twitter.com/refb

Search URL Search Domain Scan URL

URL: https://www.facebook.com/redwoodempirefoodbank/?v=wall

Search URL Search Domain Scan URL

URL: https://www.instagram.com/redwoodempirefoodbank/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-redwood-empire-food-bank/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCysGlYfTIOIT6f9BHazij7Q?view_as=subscriber

Search URL Search Domain Scan URL

URL: https://www.211bayarea.org/

Search URL Search Domain Scan URL

URL: https://www.feedingamerica.org/

Search URL Search Domain Scan URL

URL: https://www.mealsonwheelsamerica.org/

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://refb.org/ HTTP 307
https://refb.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f HTTP 301
https://wisepops.net/loader.js?v=1&site=xmBqhzvX8f

78 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
refb.org/
Redirect Chain

http://refb.org/
https://refb.org/

63 KB
13 KB

3210ms
1228ms

Document
text/html

52.5.5.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.5.5.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-5-85.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b0da03ac2a2b5029ae50162a26a8d59377efe03cc05f7d68025f28ef8bbcf2ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 12068
content-security-policy-report-only: default-src https:;script-src https: 'strict-dynamic' 'nonce-bfb16d743b9142a667a2bd46f8ab949ff53bf05fec25baa7dc5a89ea81c8079e' 'unsafe-inline' 'unsafe-eval' 'report-sample';style-src https: 'unsafe-inline';img-src https: data:;connect-src https: wss:;font-src https: data:;object-src 'none';media-src https: blob: data:;frame-src https: null data: blob:;child-src 'self' https:;form-action 'self';frame-ancestors https://my.firespring.com;base-uri 'self' https://insights.sitesearch360.com;worker-src 'self' blob:;manifest-src 'self' https://cdn.firespring.com;report-uri /csp_log
content-type: text/html; charset=UTF-8
date: Mon, 27 May 2024 10:04:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
firespring-website-id: 10788
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://refb.org/
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK stylesheet.1716799245.css
cdn.firespring.com/core/v2/css/ 255 KB
45 KB 149ms
54ms Stylesheet
text/css 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/core/v2/css/stylesheet.1716799245.css

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

b1c80bca1fc3479af5baa28a7e391a0bb7dc99e98cfa64d659c7306cb2bc28c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 08:40:47 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
Via: 1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Age: 4994
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 45688
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Last-Modified: Thu, 23 May 2024 15:02:00 GMT
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: yKsBGk2vsCkTheQs0m0riRPZhkpdrFOA9MxTh4pzFKCifNBNeh2zFg==
Expires: Wed, 26 Jun 2024 08:40:47 GMT

GET
H/1.1 200
OK design.1716799245.css
cdn.firespring.com/designs/013063_10788/css/ 418 KB
63 KB 165ms
70ms Stylesheet
text/css 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/designs/013063_10788/css/design.1716799245.css

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d216b122e85aaa922b1e9c2340a16e13592afae5c10b7c0cb123bb6280cbb104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 08:42:39 GMT
x-amz-version-id: 7KetjbWHYLrQF8lM8zbRWczXmwv7WKzp
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 49c384ab63de091c5f4d1534f8845d0c.cloudfront.net (CloudFront)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: 4JVRMXTJ49BV8NMN
X-Amz-Cf-Pop: FRA56-P11
x-amz-server-side-encryption: AES256
Age: 4883
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-id-2: Zoy/KtSpY6hDQvFNetwu9zdFVeIpfti0Vt1eAfxUXPxLLtAHcMzAuc5Q41I3QmDgslhkXcjxU1k=
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 17 Jan 2024 19:37:35 GMT
Server: AmazonS3
ETag: W/"01286db13cf74bafb3467786f6ec0248"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=86400
X-Amz-Cf-Id: KUsOJ8w11d6nUEbDVqbhq99-ht1w-yuvq-WX4i9zgUgMWqw7shGH9g==

GET
H/1.1 200
OK jquery.1716799245.js Show response
cdn.firespring.com/core/v2/js/ 85 KB
30 KB 156ms
62ms Script
application/javascript 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/core/v2/js/jquery.1716799245.js

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 08:40:47 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
Via: 1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Age: 4994
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 30305
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Last-Modified: Thu, 23 May 2024 15:02:00 GMT
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: rkFV560RrP9davLMHcsiUVAiV3nHl2Rl1S-mxIXXauzJZ4zEbJCdTQ==
Expires: Wed, 26 Jun 2024 08:40:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
80 KB 157ms
68ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-341889012

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa807c82b27c52eb36c1588bd7232979ebe9dee6479a26e81ff469b392a9cdfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81876
x-xss-protection: 0
last-modified: Mon, 27 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 May 2024 10:04:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
80 KB 167ms
78ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-346109100

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15c6451016aa4cca0bc0dfd2b6108655fbe4e2d90794265e36abc8bff832e85b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81942
x-xss-protection: 0
last-modified: Mon, 27 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 May 2024 10:04:02 GMT

GET
H2 200 float.js Show response
cdn.gtranslate.net/widgets/latest/ 20 KB
7 KB 149ms
53ms Script
application/javascript 2606:4700:20::ac43:44cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gtranslate.net/widgets/latest/float.js
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e68cb17420501844a1a7c32cc2786f40c12813c22514e36fd684c0a022ca58e0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5395169
cf-polished: origSize=22915
cf-bgj: minify
last-modified: Sun, 30 Apr 2023 23:11:58 GMT
server: cloudflare
etag: W/"644ef5be-5983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xXQn79IT%2B%2B2fHSr%2FECrZUmwcFRENtwwJ6ZLckXCCVviUTvR%2FAAN13aBGYqh%2BuvsQzrDM9AoaBukAm7I%2FayNmFxv2e%2FPoBCqr668kOSM8Yqcw7FwulZdUshlV6pnp8EH93LfMNSEmfTzi8IQxDeBog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88a52db24ebc085b-FRA
expires: Tue, 25 Mar 2025 23:24:33 GMT

GET
H2 200 widgets.js Show response
redwood-empire-food-bank.givecloud.co/v1/ 2 MB
578 KB 477ms
372ms Script
application/javascript 2606:4700:10::6816:2680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redwood-empire-food-bank.givecloud.co/v1/widgets.js
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80d2145dc47e5cdcad01d0ede4d7d454f43ed32c41b2017b01bfcd5b733bcb2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 22 May 2024 13:52:09 GMT
server: cloudflare
etag: W/"664df889-213d4a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 88a52db259774d32-FRA
expires: Mon, 27 May 2024 10:09:02 GMT

GET
H/1.1 200
OK 11719a96-da8b-47a6-be40-31bc79bbe284.png
cdn.firespring.com/images/ 38 KB
39 KB 840ms
748ms Image
image/png 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/11719a96-da8b-47a6-be40-31bc79bbe284.png

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

ba379f3cae03800268ab7bbdde16c23561decb44a05174be07548680b7e54d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="redwood-logo.png"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/png
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: bSDU2sr_jrdaAOhFazS740ywZ7UecaYVgh_DzpgcVH8QupEAEi_d3Q==
Expires: Tue, 28 May 2024 10:04:02 GMT

GET
H/1.1 200
OK 2f51b900-1a2b-4af5-9531-bbe8525a475f.png
cdn.firespring.com/images/ 8 KB
8 KB 137ms
45ms Image
image/png 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/2f51b900-1a2b-4af5-9531-bbe8525a475f.png

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

21982516c2709d6f0efe58184804044aa685925ae4d550d3d3d1b3a5a49ac390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 06:24:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Age: 13167
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="logo-2-white.png"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/png
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: sX_YINzaOz7K6dw0TGD7QEbWP8upp4L6zQVNlxoU4FKIfv9u_bsA1Q==
Expires: Tue, 28 May 2024 06:24:34 GMT

GET
H2 200 / Show response
signup.e2ma.net/tts_signup/1931774/764e855f5f7be3b5cc0ab5da69852621/1922935/ 7 KB
7 KB 463ms
203ms Script
text/javascript 52.54.99.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://signup.e2ma.net/tts_signup/1931774/764e855f5f7be3b5cc0ab5da69852621/1922935/?v=a

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.99.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-99-181.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

e8b518d89f64243cf8edeb4d1468b5e44af082a370d0c2007562ad01bf7e2092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
server: gunicorn
content-length: 7447
content-type: text/javascript

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 90 KB
32 KB 175ms
59ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f49f69a5105e16564e48fb4e34614434ed8b8e82ab32fade546765f861df846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK footer_scripts.1716799245.js Show response
cdn.firespring.com/core/v2/js/ 475 KB
140 KB 62ms
59ms Script
application/javascript 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/core/v2/js/footer_scripts.1716799245.js

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

86d096364d7297f1ba37d8b8a5446bf858684df828c4eee06215d67a364a768d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 08:40:47 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
Via: 1.1 49c384ab63de091c5f4d1534f8845d0c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Age: 4995
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Last-Modified: Thu, 23 May 2024 15:02:03 GMT
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: ulq40nUY4GJgY0MVTkpccbbCbRRT5HqDX1P6GTKbnOHSP3JdGqaMoQ==
Expires: Wed, 26 Jun 2024 08:40:47 GMT

GET
H2 200 e2ma.js Show response
embed.e2ma.net/ 2 KB
2 KB 132ms
39ms Script
application/javascript 2600:9000:2724:da00:b:c006:c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.e2ma.net/e2ma.js
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:da00:b:c006:c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aab005e1e9c3d72739f90a0599a16112cd7713958aa506a36fadfc3030e90083

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: EVTdvh.cjMfGyK99DUWIUQF28TpmAa95
content-encoding: gzip
via: 1.1 8576ee57c8a84a61190d4c1b31b69a90.cloudfront.net (CloudFront)
date: Mon, 27 May 2024 05:25:43 GMT
x-amz-cf-pop: FRA56-P12
age: 16700
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Feb 2020 16:09:43 GMT
server: AmazonS3
etag: W/"5f4361bbb5893a069002b83b10be287f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-amz-cf-id: mpk2qYBlQlCb7MNeNtsrfCgJx-q12XvZMTlxa35gCdGxsgliTRpetQ==

GET
H/1.1 200
OK 8247b22743a1ed8d863be45f83512742ead5361f.1716799245.js Show response
cdn.firespring.com/designs/013063_10788/js/ 57 KB
11 KB 58ms
55ms Script
application/javascript 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/designs/013063_10788/js/8247b22743a1ed8d863be45f83512742ead5361f.1716799245.js

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

370689c31d406bd9a0544097dda11a275247cb914335562692142e98826cf9d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 08:42:39 GMT
x-amz-version-id: VdnTfD7xfJIxh7qwO2BkGz0iri8Z.w8y
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: 4JVVEGV7BBHR6R3P
X-Amz-Cf-Pop: FRA56-P11
x-amz-server-side-encryption: AES256
Age: 4884
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-id-2: rZ1dwLo2BD0LjHoj6+HJVqW2m4TCmCzPjQchBxHlImR3PNjNqN5PZirgz1Y5/PUCC+hYMtpISCxGI0hHPJfcTQ8hboHpsuKtxK8PIPsTeGo=
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 17 Jan 2024 19:37:36 GMT
Server: AmazonS3
ETag: W/"f4a474b36ff4062f6b679665f80383b4"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=86400
X-Amz-Cf-Id: CNJIz49TLo1qE-qt3KsH13XWr32TwFOt7zFQ45C-kiQ6WCGEqn3PyA==

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 138ms
51ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,500&display=swap

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/designs/013063_10788/css/design.1716799245.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74b20f6bc9778385468ee059054c8ab79da2d8c85e0d9829a49ad13e9b043a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 May 2024 10:04:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 May 2024 10:04:02 GMT

GET
H3 200 js Show response
analytics.firespring.com/ 15 KB
6 KB 140ms
57ms Script
text/javascript 104.16.224.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.firespring.com/js
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.224.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88016f3e375f96ff36202e84fb998d0d224202a8139b02a1d61612c317e4c6a9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 May 2024 00:23:23 GMT
server: cloudflare
age: 466352
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 88a52db25eb19972-FRA
alt-svc: h3=":443"; ma=86400
x-proxy-cache: MISS

GET
H/1.1 200
OK pattern-light.png
cdn.firespring.com/designs/013063_10788/images/ 31 KB
32 KB 56ms
56ms Image
image/png 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/designs/013063_10788/images/pattern-light.png

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/designs/013063_10788/css/design.1716799245.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a4506784688eef9181af1d00b31ea717e6386eafb55e5efa597f445a5a11485b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 22 May 2024 08:52:32 GMT
x-amz-version-id: WyBAeS73Bp.m2D.JzRfviedyFov4l5Hl
Via: 1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: C719KWKRQJE5A219
X-Amz-Cf-Pop: FRA56-P11
x-amz-server-side-encryption: AES256
Age: 436291
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 31739
x-amz-id-2: RpYFsT5+Cncz4u9seHpMt/MzyKbBKHnIhKIcyQVt7+5PuuLyIf9KsRHsw/7a7Edrd+RwNfwVPJM=
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 17 Jan 2024 19:37:36 GMT
Server: AmazonS3
ETag: "8effed640b5b634f1dd0e6a824e0bd75"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Amz-Cf-Id: 2dDJYkTgDcuDkyfkktdUd0dOst7oxizc_sYSv8oSb7H_jLVoDRTH0A==

GET
H/1.1 200
OK pattern.png
cdn.firespring.com/designs/013063_10788/images/ 102 KB
103 KB 58ms
58ms Image
image/png 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/designs/013063_10788/images/pattern.png

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/designs/013063_10788/css/design.1716799245.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9b777f388466ed45f703dc3b008a3120717fd280ce1a558622dde56e5056d01f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 20 May 2024 15:37:07 GMT
x-amz-version-id: VGlTkwt4TGs7XHovYHa527xDElMF.lqG
Via: 1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: 2FXVQ1KZ1D8ZR3W7
X-Amz-Cf-Pop: FRA56-P11
x-amz-server-side-encryption: AES256
Age: 584816
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 104895
x-amz-id-2: +mZKu+lhd1JguWKHZyMBKwYRtJhcemlPOLRyuAryDNBzY4BD4nXsVxGw3ukXi3HiKDBvzzRKMug=
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Wed, 17 Jan 2024 19:37:36 GMT
Server: AmazonS3
ETag: "e9cbefe7d083b13e97001ba6a5d8fefd"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Amz-Cf-Id: G60VcY6Ao3fRLXtHCYN_MjxPNQhPeMHGubdddXu1fUGcPB7rV0PEeg==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 127ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://refb.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 06:41:12 GMT
x-content-type-options: nosniff
age: 530570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 06:41:12 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
cdn.firespring.com/core/v2/fonts/font-awesome/ 115 KB
116 KB 136ms
57ms Font
application/font-woff2 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/core/v2/fonts/font-awesome/fa-brands-400.woff2

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/core/v2/css/stylesheet.1716799245.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

232c6f6a7678304f9efaa26f30b1610debc2ba9f4cd636b5e6751c8d73761b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://refb.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 22 May 2024 14:36:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Age: 415640
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 117852
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Last-Modified: Mon, 20 May 2024 19:37:34 GMT
Server: Apache
x-frame-options: SAMEORIGIN
Content-Type: application/font-woff2
access-control-allow-origin: *
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: ZyVxYg6P3PthWuHmUZkB5RjVW6E_0QIGALwzYpFrYy_hyk2KLbpsDQ==
Expires: Fri, 21 Jun 2024 14:36:41 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
cdn.firespring.com/core/v2/fonts/font-awesome/ 153 KB
153 KB 132ms
53ms Font
application/font-woff2 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/core/v2/fonts/font-awesome/fa-solid-900.woff2

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/core/v2/css/stylesheet.1716799245.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://refb.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 22 May 2024 14:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 b166ca183629eada7c88ffe6bf8562a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Age: 415648
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 156400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Last-Modified: Mon, 20 May 2024 19:37:34 GMT
Server: Apache
x-frame-options: SAMEORIGIN
Content-Type: application/font-woff2
access-control-allow-origin: *
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: XC9q0m_AyMp-O2j4XbDDC8rHVAJUQkbytFuoWAIdQb_zmqVvK5lAqQ==
Expires: Fri, 21 Jun 2024 14:36:34 GMT

GET
H/1.1 200
OK 5ef92f3c-9685-40ff-9ea7-1a6a4bd0d76e.jpg
cdn.firespring.com/images/ 111 KB
112 KB 764ms
763ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/5ef92f3c-9685-40ff-9ea7-1a6a4bd0d76e.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

7d6edefa17ea1e92ff0e5db57919136ffc52725c1b6239d7fa11245abfabbdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="Child with apple.jpg.webp"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/webp
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: KZQIlRhcOxyAirpC9vB7X3kZA1GlyyOfbpWr3l80-p-616MHXNAFrQ==
Expires: Tue, 28 May 2024 10:04:02 GMT

GET
H/1.1 200
OK c522cbca-6c12-4e67-9251-075d10422666.jpg
cdn.firespring.com/images/ 187 KB
188 KB 732ms
731ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/c522cbca-6c12-4e67-9251-075d10422666.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

851a0682418739b70ab9369b71a17c060a9a79f438a63fcfaf2e3e1ae9f59cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 49c384ab63de091c5f4d1534f8845d0c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="AWWE 3 5.31.22.jpg.webp"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/webp
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: DQ3hzVdTARDWih63zrJmsxqj2gsOStLY59kpNKtozgty2-ziPaQIDw==
Expires: Tue, 28 May 2024 10:04:02 GMT

POST
H/1.1 200
OK csp_log
refb.org/ 0
1 KB 230ms
229ms Other
text/html 52.5.5.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://refb.org/csp_log

Requested by

Host: signup.e2ma.net
URL: https://signup.e2ma.net/tts_signup/1931774/764e855f5f7be3b5cc0ab5da69852621/1922935/?v=a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.5.5.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-5-85.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 27 May 2024 10:04:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Apache
content-security-policy-report-only: default-src https:;script-src https: 'strict-dynamic' 'nonce-6d5436acaee9d9c831fcdd7d5e1002dfa7c03f0fc8e6b2c9cd9478ed11f88f6d' 'unsafe-inline' 'unsafe-eval' 'report-sample';style-src https: 'unsafe-inline';img-src https: data:;connect-src https: wss:;font-src https: data:;object-src 'none';media-src https: blob: data:;frame-src https: null data: blob:;child-src 'self' https:;form-action 'self';frame-ancestors https://my.firespring.com;base-uri 'self' https://insights.sitesearch360.com;worker-src 'self' blob:;manifest-src 'self' https://cdn.firespring.com;report-uri /csp_log?n=1
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=AgM/d=0/rs=AN8SPfrixlL1amy8r1f0UQHcZ2HL9amUjg/ 22 KB
5 KB 135ms
39ms Stylesheet
text/css 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=AgM/d=0/rs=AN8SPfrixlL1amy8r1f0UQHcZ2HL9amUjg/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Caodc0HRTy0.O/am=AgM/d=1/rs=AN8SPfp1JojJcpOAtDenFtx4aoM5GxMMBw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 16:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 07:26:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 May 2025 16:04:34 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Caodc0HRTy0.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfpeGWUk_wru4DzE18Ybl_zvJN1Ojg/ 206 KB
72 KB 134ms
40ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Caodc0HRTy0.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfpeGWUk_wru4DzE18Ybl_zvJN1Ojg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Caodc0HRTy0.O/am=AgM/d=1/rs=AN8SPfp1JojJcpOAtDenFtx4aoM5GxMMBw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c16c6f2d4164c9297edbc4e2693996b7890631977bacf14041f13f35f54ab44c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 16:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72807
x-xss-protection: 0
last-modified: Wed, 22 May 2024 21:10:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 May 2025 16:04:34 GMT

GET
H2 200 sitesearch360-v13.min.js Show response
cdn.sitesearch360.com/v13/ 222 KB
68 KB 151ms
52ms Script
application/javascript 2606:4700::6812:992
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:992 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd7f8bfdffe5f7fcab8a0658f2f64a42aee60a884094bd373a530f1a437d1400

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 13:49:06 GMT
server: cloudflare
age: 408061
etag: "3788c-5ee9c406b53b4-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 88a52db3cb033821-FRA
expires: Thu, 27 Jun 2024 10:04:02 GMT

GET
H2

200

loader.js Show response
wisepops.net/
Redirect Chain

https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
https://wisepops.net/loader.js?v=1&site=xmBqhzvX8f

88 KB
30 KB

696ms
594ms

Script
text/javascript

2606:4700:20::681a:e61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/loader.js?v=1&site=xmBqhzvX8f
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Server: 2606:4700:20::681a:e61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3ed8be8ecdd4e83c01208624e1197b428bdbd14cd4ad2b0b30745a43088404d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://refb.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Mon, 27 May 2024 10:04:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 10:04:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twugU2m2LYKNIj9I4WrXp71vmTAMDzonYKKu4ik%2BBZyxbcQwZ556HDdQGhGkE5CVLm8xEZCG5ofeolOnHTBkAwKQUoAD72AUJrb71eRdM6QYRvfoZZLn9MCFTgMoF18bB%2FwjxiO0X9imsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=1800, s-maxage=3600
cf-ray: 88a52db4f9660472-FRA

Redirect headers

date: Mon, 27 May 2024 10:04:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lg3%2B5r3eDyqmALyj3DKtsr9bNdHKWEgd5UD7G%2FvL%2BRqJqqCOweg7PVTAQgeoXQwKArLsZD3HP0UlOgh2Ruq22pqsqC7EiEV0VsFWl0IuPl7oWUmgkGSqr5UB7joUON44M%2FrG0S7XkB8YiwvmR2H0KZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://wisepops.net/loader.js?v=1&site=xmBqhzvX8f
cache-control: max-age=3600
cf-ray: 88a52db3dbff65a9-FRA
content-length: 167
expires: Mon, 27 May 2024 11:04:02 GMT

GET
H2 200 N8z5u5rGwlw
www.youtube.com/embed/ Frame 3153 0
0 224ms
137ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/N8z5u5rGwlw?wmode=opaque&rel=0&autoplay=0&controls=1

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://refb.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 27 May 2024 10:04:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 49aed7f2-ea6e-41cd-8ae2-0cc044e8e0c1.jpg
cdn.firespring.com/images/ 58 KB
59 KB 688ms
687ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/49aed7f2-ea6e-41cd-8ae2-0cc044e8e0c1.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

cf5b6042462efb5af6e84aa58f5d1216b8fcc4041151f1ecb18e3babd4ea6080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="sweater-boy-celery-1000.jpg.webp"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/webp
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: z4Eiequ1wofBwXpjEU3klqMDZqtfAf8M6KVJAkbqDF3Spu3ISuNYkg==
Expires: Tue, 28 May 2024 10:04:03 GMT

GET
H/1.1 200
OK 2be2f7ff-ef6b-4f06-8909-42bfb38c2954.jpg
cdn.firespring.com/images/ 170 KB
171 KB 758ms
757ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/2be2f7ff-ef6b-4f06-8909-42bfb38c2954.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

93a24598aa20095b884a75ad052a4e17d4ec5bb917dd709d6ce3357fa2bcde14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="2023 Impact Report Hero.jpg.webp"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/webp
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: h45Ff05qKbbUiQ9dSB50FMsFnWI3ZVMAZArJuexKZs7cCYVSvZnSKw==
Expires: Tue, 28 May 2024 10:04:03 GMT

GET
H2 200 form-af8d1ecde2947c2491fbb744e17f6653.js Show response
dk98ddgl0znzm.cloudfront.net/ 13 KB
5 KB 135ms
40ms Script
application/javascript 2600:9000:2724:ca00:b:c006:c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk98ddgl0znzm.cloudfront.net/form-af8d1ecde2947c2491fbb744e17f6653.js
Requested by: Host: embed.e2ma.net
URL: https://embed.e2ma.net/e2ma.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:ca00:b:c006:c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1932da1682d444e6101f31f7e54079b63b5d4821eddf7acff9326b614b245332

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 04:51:10 GMT
x-amz-version-id: ShAWl5PeBAzoGuGvN6LktpYK5OAGXjv3
content-encoding: gzip
via: 1.1 f0b5999c895f4b29c49c485a0a825d0c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 4770773
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Feb 2020 16:09:43 GMT
server: AmazonS3
etag: W/"af8d1ecde2947c2491fbb744e17f6653"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000
x-amz-cf-id: UaxoEQhOwnlCTFxh6UU1qIozMENIleaXxLWMqCdOdXJkjecYeMBo-A==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 134ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-341889012&gtm=45je45m0za200&_p=1716804242170&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=755298933.1716804243&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716804242&sct=1&seg=0&dl=https%3A%2F%2Frefb.org%2F&dt=Redwood%20Empire%20Food%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3968
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-341889012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 10:04:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://refb.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
97 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3MXD5JNQ3T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-341889012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9dd515ced04202e6327ddc828e549d178dec174ee83c00e26cfac5105b98ca9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98805
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 May 2024 10:04:02 GMT

GET
H2 200 en-us.svg
cdn.gtranslate.net/flags/svg/ 6 KB
1 KB 48ms
48ms Image
image/svg+xml 2606:4700:20::ac43:44cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gtranslate.net/flags/svg/en-us.svg
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 23:34:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5395073
etag: W/"639d0089-17c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BnYHMp1JfG%2B9ZM8zOC7RhbUj7kMd75IO%2FDY%2F0XW5Qsgcfi%2Bd%2F5%2FBwLQi2opGYrh36mS7b9qPgl%2FxctEr6RE%2FGgp4%2B1zEjpQ8wz8DGQgGJz9auZaMMmfw78vtaoBZhIfN3pDiPeBC2eVXoaJQNAALQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 88a52db4087b085b-FRA
expires: Tue, 25 Mar 2025 23:26:09 GMT

GET
DATA 200
OK truncated
/ 270 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 in.php Show response
analytics.firespring.com/ 131 B
339 B 244ms
243ms Script
text/javascript 104.16.224.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.firespring.com/in.php?site_id=101299712&href=%2F&title=Redwood%20Empire%20Food%20Bank&res=1600x1200&lang=de-DE&tz=Europe%2FBerlin&tc=&ck=1&x=andx2e
Requested by: Host: analytics.firespring.com
URL: https://analytics.firespring.com/js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.224.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-ray: 88a52db438a59972-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK content_image_gallery_items Show response
refb.org/ajax/ 3 KB
2 KB 253ms
253ms XHR
application/json 52.5.5.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://refb.org/ajax/content_image_gallery_items?token=ITJ3V2Dg4K14AfxRdNLZnlTxKhn3BgWb5oGdkhwQvq6lpntbCNZaUG4%252B3di67tAFRvwPXPxTxTVI4kMrjaKeDGE6NTp7czo5OiJ3ZWJzaXRlSWQiO2k6MTA3ODg7czoxNjoid2Vic2l0ZUNvbnRlbnRJZCI7aTozNTExMTA5NztzOjk6ImFqYXhfdHlwZSI7czoyNzoiY29udGVudF9pbWFnZV9nYWxsZXJ5X2l0ZW1zIjtzOjQ6ImRhdGUiO3M6MTQ6IjIwMjQwNTI3MTAwNDAxIjtzOjc6ImV4cGlyZXMiO2k6MDt9

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/core/v2/js/jquery.1716799245.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.5.5.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-5-85.compute-1.amazonaws.com

Software

Apache /

Resource Hash

316c5fa4b045e20e79ae7d2ce447f7076a7201174466e45ce82641600bc24494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://refb.org/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
content-type: application/json
cache-control: no-store, no-cache, must-revalidate
content-length: 1091
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK ac0088ca-5dcc-48c4-9915-77035073de2b.jpg
cdn.firespring.com/images/ 213 KB
214 KB 784ms
721ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/ac0088ca-5dcc-48c4-9915-77035073de2b.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

0f522619f4e6a9910a4ebeea654f5bd051c7f02dd91ce4898d6332539bcf5c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="2023 Impact Report Hero.jpg.webp"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/webp
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: 2cAIpYCIhulaykqSPPNNH7PF_02i9YvIYrOww-OPBp0YoBkgTu5o2w==
Expires: Tue, 28 May 2024 10:04:03 GMT

GET
H/1.1 200
OK 0ea2f230-1cb4-49df-b695-37e670e9aa12.jpg
cdn.firespring.com/images/ 345 KB
346 KB 357ms
341ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/0ea2f230-1cb4-49df-b695-37e670e9aa12.jpg

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/core/v2/js/jquery.1716799245.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

08d204103ce29a0c1becbf57c9ca86eae48a2d075088a1fcbee93002953235d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="programs-map.jpg.webp"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/webp
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: Z0l8E9GBVHi3ua5mK0Re-QqZq3uR0LqeMMEVHbcg24qKTAztthP6cg==
Expires: Tue, 28 May 2024 10:04:02 GMT

GET
H/1.1 200
OK 05660165-3f79-4d81-a021-551f236e21bb.jpg
cdn.firespring.com/images/ 263 KB
264 KB 334ms
333ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/05660165-3f79-4d81-a021-551f236e21bb.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

fe662c7af89b86d5286d5240689ce8845d7931e1a800e229183beb580863113d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="engine one.jpg.webp"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/webp
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: QUwOMHUs6xPe-4pjjUvJFKNL5PJFiXfZ5oURcBaBm--sK0KtAVY_4g==
Expires: Tue, 28 May 2024 10:04:03 GMT

GET
H/1.1 200
OK b846cd4a-f37b-48a7-a7fb-f65f2475c34c.jpg
cdn.firespring.com/images/ 121 KB
122 KB 765ms
765ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/b846cd4a-f37b-48a7-a7fb-f65f2475c34c.jpg

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/core/v2/js/jquery.1716799245.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

43ff665b98ca93cc9dc6fafde6c375f9d6a6413c142dce02f0a3b0582a7629d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 49c384ab63de091c5f4d1534f8845d0c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="Vegetables-1000.jpg.webp"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/webp
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: dJrsMzHvgrAtKK8nU5shchlRq_GZM10--euUc8eFeOzDT7UoVdZdsQ==
Expires: Tue, 28 May 2024 10:04:03 GMT

POST
H2 204 session Show response
insights.sitesearch360.com/insights/ 0
239 B 174ms
76ms XHR
text/plain 2606:4700::6812:992
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights.sitesearch360.com/insights/session?version=13.3
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:992 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin: *
allow-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cf-ray: 88a52db51976975f-FRA
access-control-allow-headers: *

GET
H2 200 ss360-unibox-v13.chunk.27665f6cc18723c8c279.js Show response
cdn.sitesearch360.com/v13/ 49 KB
14 KB 141ms
54ms Script
application/javascript 2606:4700::6812:992
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitesearch360.com/v13/ss360-unibox-v13.chunk.27665f6cc18723c8c279.js
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:992 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62db744adb365b3f34dc423c5a427500b77ecf056b541a87706dad1392e0bf35

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Origin: https://refb.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 13:49:06 GMT
server: cloudflare
age: 290628
etag: "c25d-5ee9c406ba1d4-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 88a52db50ed930ee-FRA
content-length: 13773
expires: Thu, 27 Jun 2024 10:04:02 GMT

GET
H2 200 ss360-styles-v13.chunk.6ae25745a22b6f76ba5b.js Show response
cdn.sitesearch360.com/v13/ 35 KB
8 KB 140ms
55ms Script
application/javascript 2606:4700::6812:992
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitesearch360.com/v13/ss360-styles-v13.chunk.6ae25745a22b6f76ba5b.js
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:992 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e4a4968e02c18d03ac98083e3fdfee6a5a2514a59d3e8474b3c5fccdb72313

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Origin: https://refb.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 13:49:06 GMT
server: cloudflare
age: 97277
etag: "8df4-5ee9c406b8294-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 88a52db50edc30ee-FRA
content-length: 8394
expires: Thu, 27 Jun 2024 10:04:02 GMT

POST
H2 204 session Show response
insights.sitesearch360.com/insights/ 0
35 B 168ms
77ms XHR
text/plain 2606:4700::6812:992
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights.sitesearch360.com/insights/session?version=13.3
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:992 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 27 May 2024 10:04:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin: *
allow-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cf-ray: 88a52db51978975f-FRA
access-control-allow-headers: *

GET
DATA 200
OK truncated Show response
/ Frame 8E85 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56cc37d2c71c5296c62523b610801d6340542144fbc2a056750a208b2ffdfbb4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 91ms
42ms Image
image/svg+xml 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 16:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 May 2025 16:04:35 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 42ms
40ms Image
image/png 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 02:45:05 GMT
x-content-type-options: nosniff
age: 112737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 26 May 2025 02:45:05 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 44ms
44ms Image
image/png 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=AgM/d=0/rs=AN8SPfrixlL1amy8r1f0UQHcZ2HL9amUjg/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=AgM/d=0/rs=AN8SPfrixlL1amy8r1f0UQHcZ2HL9amUjg/m=el_main_css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:59:42 GMT
x-content-type-options: nosniff
age: 3860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 27 May 2025 08:59:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3MXD5JNQ3T&gtm=45je45m0v868642540za200&_p=1716804242170&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=755298933.1716804243&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716804242&sct=1&seg=0&dl=https%3A%2F%2Frefb.org%2F&dt=Redwood%20Empire%20Food%20Bank&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4173
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MXD5JNQ3T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 10:04:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://refb.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK forms.js Show response
emma-content-aggregates-prd.s3.amazonaws.com/account/1922935/ 126 B
527 B 454ms
173ms Script
application/json 52.216.114.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://emma-content-aggregates-prd.s3.amazonaws.com/account/1922935/forms.js
Requested by: Host: embed.e2ma.net
URL: https://embed.e2ma.net/e2ma.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.114.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 35cd9d8f8d50cce54b63dd0ae6f929f690bc81e8b618952706b1bf12e8e13713

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:04 GMT
Last-Modified: Wed, 30 Jun 2021 14:28:36 GMT
Server: AmazonS3
x-amz-request-id: 8506JTPK2KRHQQP5
ETag: "4e53359f5dd0ae3ddb95ce9028178395"
x-amz-server-side-encryption: AES256
Content-Type: application/json
Accept-Ranges: bytes
Content-Length: 126
x-amz-id-2: PHCox7fGmAaKkBvLyz5kFOWoosK0U+8pOT9KvjFIaL/sq5wxWGydD2PNMbsbIIWjQakLDkdBI7c=

GET
H/1.1 200
OK c985164b-9db7-4c95-8136-5919f0f260ad.jpg
cdn.firespring.com/images/ 59 KB
60 KB 719ms
718ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/c985164b-9db7-4c95-8136-5919f0f260ad.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

c6fc04cd3a90574e03544ec8a55f753120398cf078173638eeb0f49d0ccb4392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="Mother and son with food.jpg.webp"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/webp
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: ut3OkLGgV90YLjNm6DeCxuVrFnGLCIpnH04dEqo6kd2ybV05QvaI4g==
Expires: Tue, 28 May 2024 10:04:03 GMT

GET
H/1.1 200
OK c3494e51-ad8f-415a-98b1-e502be8952ca.jpg
cdn.firespring.com/images/ 84 KB
85 KB 322ms
321ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/c3494e51-ad8f-415a-98b1-e502be8952ca.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

8fb203c88f2e3b5d8a0f5a7ef6df8276a37b11d8de8d672e7779aa5a914e31e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="volunteer with apples.jpg.webp"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/webp
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: -M4WsO9mnqLXqlOM6X3OcMB394uptMVvxz6t--kPqwtlSVpx14yZIw==
Expires: Tue, 28 May 2024 10:04:03 GMT

GET
H/1.1 200
OK cb48313f-04c0-4e03-8a1a-6ca9fda09123.png
cdn.firespring.com/images/ 57 KB
57 KB 301ms
301ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/cb48313f-04c0-4e03-8a1a-6ca9fda09123.png

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

e8bac59d898eaab24656017f54e456ce8a6e5ec322fe7430ad61e5bd6c7be636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
Via: 1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="Donated Food.png.webp"
Connection: keep-alive
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept
Content-Type: image/webp
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: 3DwP3GyySiTjYARz6VO2VKc2S4Uawl-R3G-izIW5Zp5JqH2dYWvZig==
Expires: Tue, 28 May 2024 10:04:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
675 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:wght@200;300;400;500;600;700;800;900

Requested by

Host: redwood-empire-food-bank.givecloud.co
URL: https://redwood-empire-food-bank.givecloud.co/v1/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bf8428f543a7cf2b19a30a9a5cddc6bc7b4434c13428110d0c8d20a5397b2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 May 2024 10:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 May 2024 10:04:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 May 2024 10:04:02 GMT

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v13/ 21 KB
21 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:wght@200;300;400;500;600;700;800;900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2301bb030a2bcaa9c763cc4771bd717aac16709c29eaba00673fcbe7cdf99a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://refb.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:41:20 GMT
x-content-type-options: nosniff
age: 372163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21564
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:41:20 GMT

POST
H2 200 id Show response
wisepops.net/ 147 B
623 B 259ms
175ms Fetch
application/json 2606:4700:20::681a:e61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/id?h=xmBqhzvX8f&vid=&eid=
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad182162f9e1844ea50a3fa9765977b5f59cd5c2402ff99c36c137a7e3d3d6e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 May 2024 10:04:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6OWkGt5IKbC4gVFhSAIoGuqbK%2FNKw%2FXPJH1Lh23yXuoi1%2BZioPYWdO61n1syWeybSZknusqkb%2FkwNeoP40OPrKc%2BESwb8F1D683faMMd9Dbn8RhO1YVkrcs10CJDUXTbVz7brJlP5ji%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, POST, GET
access-control-allow-origin: *
content-type: application/json
cf-ray: 88a52db95df719ad-FRA
access-control-allow-headers: *

POST
H2 200 my-wisepop Show response
wisepops.net/ 464 B
667 B 209ms
209ms XHR
application/json 2606:4700:20::681a:e61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/my-wisepop
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e00e58d8dacf98e0a9c65afa4c9803328f17528f3b9b897a536ed9c319d77da

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://refb.org/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 326
server: cloudflare
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, POST, GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p7itXtxiboF09ZVhVGv9w4Y7hrF8QiWpzZ2D1YfHWASzO9%2BgIhpgCGouugmzzfEo0wW0uvnEyuRyBaNnPqUI%2BDtGEmI2H09nH3zk11XKaZSvRkUPZwmKN5P6s3uad5IfU8lRsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-store
x-cloud-trace-context: 78398d97799254265d511ff0ee16c70d
cf-ray: 88a52dba8fd719ad-FRA
access-control-allow-headers: *

GET
H2 200 491961.js Show response
cdn.wisepops.com/shared/wisepops/nTmG7hC9U5MEo6Xnpjav/ 262 KB
79 KB 732ms
720ms Script
application/javascript 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wisepops.com/shared/wisepops/nTmG7hC9U5MEo6Xnpjav/491961.js?v=1715798537000
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ae209bbbedcf04c3afee78acbb1930ff28c17205bb6e1daa38ff48d43a9e487

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:04 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrQfsSamRlzKT19S2skAScZ3sBn77-LP8yRXl0rHsu13HXdBfBQNKzSjfsjUP6OMUdLKBE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 15 May 2024 18:42:19 GMT
server: cloudflare
etag: W/"aac01b08be49c0844e1f9fecd32b9f8e"
vary: Accept-Encoding
x-goog-generation: 1715798539440827
content-type: application/javascript
x-goog-hash: crc32c=GFGSBA==, md5=qsAbCL5JwIROH5/s0yufjg==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ZzkB2fBtOv31hziAewraTXSPPlbyauIh4Uzmt1sHokStMheZXH2zmfPxckXzniBL83hzLj0nqhl1o%2FmzaLLht3PGEDI9OMt68EeiwrmVEZ1QE%2BHxT3L0BY7kuiP5fJU4LiX1FyuaYw7JMKvt7Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 268702
cf-ray: 88a52dbbef7865a9-FRA
expires: Mon, 27 May 2024 11:04:03 GMT

GET
H3 200 css
fonts.googleapis.com/ 9 KB
736 B 55ms
54ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,700%7CArchivo:300,400,700

Requested by

Host: cdn.wisepops.com
URL: https://cdn.wisepops.com/shared/wisepops/nTmG7hC9U5MEo6Xnpjav/491961.js?v=1715798537000

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

10bf7278478214cfdb1a78256e75110db0c2614b6580a1e2e555eb0406345e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 May 2024 10:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 May 2024 10:04:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 May 2024 10:04:04 GMT

GET
H2 200 b2bd0a194739732ffeea96077503dae2.png
cdn.wisepops.com/shared/images/wisepops/c.57434/ 1 MB
1 MB 486ms
486ms Image
image/png 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.wisepops.com/shared/images/wisepops/c.57434/b2bd0a194739732ffeea96077503dae2.png
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c18fbbf33489bb80e0035ae79a257a14565b122e82452311913a8232ffd4f4c7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPqtc1R0H2hYItMsn6sjlJjur5UKnsl6bBFg7a5ZJ7FZ1y7Hn-k--IW0dN3q6tSrx34l-40
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 1335972
last-modified: Wed, 15 May 2024 18:23:43 GMT
server: cloudflare
etag: "b2bd0a194739732ffeea96077503dae2"
vary: Accept-Encoding
x-goog-generation: 1715797423738648
content-type: image/png
x-goog-hash: crc32c=usTipA==, md5=sr0KGUc5cy/+6pYHdQPa4g==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8fWiMvRWMB1TamcMXj7ieZD6eVmvCAS0FUZ76fyrZdh0RVLEqMvadgRMgKj2dbxN%2FCDARInehUOYwlddaZPW1RtECJXm7BWnTW%2F%2B9xCUfc%2BN%2FHRWLPJgHcGSggUyBTR5d7lzknqi0%2BDXg1gbdA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1335972
accept-ranges: bytes
cf-ray: 88a52dc14fc065a9-FRA
expires: Mon, 27 May 2024 11:04:04 GMT

POST
H2 200 /
activity.wisepops.com/ 0
0 144ms
143ms Fetch 2606:4700:20::ac43:4adc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.29&site=xmBqhzvX8f
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
source: loader
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://refb.org/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uwTUYwMT%2FNh7hpwhJ80ERqlhlamTDsvgkXoBjKj%2BlryzIj3JFl9%2Bo1JyC3rovkz0OTMel5Oc8MfIYxQ4A4yUBmcJ2FVD53UbtYTVQ2NPqcaXy50GK7vNeSXnsXPqs%2FcomtiCujO4PaSyiEGycfrZ8uMAlw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 88a52dc31b2ebbfe-FRA
content-length: 0

OPTIONS
H2 200 /
activity.wisepops.com/ Frame 0
0 266ms
168ms Preflight 2606:4700:20::ac43:4adc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.29&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,source
Access-Control-Request-Method: POST
Origin: https://refb.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type, source
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 88a52dc21974bbfe-FRA
content-length: 0
date: Mon, 27 May 2024 10:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2BTJRFJQjItMvFbFj1P9lBcwqIcsgNvVTUeSxtD0JPm26U1Tq0FQcsVCShFWFFNBN%2BVtQt521T6GDT%2Bq51xxli7FIssAWkxAXP2ILqCBc5z2a2SLVodG%2BsGIYKoZYgVVjvlwstTZ%2FyS%2FM6ZpyA0nzL5OkA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v19/ 34 KB
34 KB 41ms
40ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v19/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700%7CArchivo:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://refb.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 00:08:32 GMT
x-content-type-options: nosniff
age: 294932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35272
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 May 2025 00:08:32 GMT

POST
H2 200 _.gif
tracking.wisepops.com/ 2 B
392 B 197ms
186ms Ping
application/json 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.wisepops.com/_.gif?e=d&p=491961&site=xmBqhzvX8f&url=https%3A%2F%2Frefb.org%2F
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qTx2iJJrK4%2Fi63B0Taeb%2FDuQJRESgiYZiR%2BNmBIeLUrKxdY2oPalgk7QeXBcMTWvu86imOu7%2B7skf9w4aHODWbqutFaCN3nm6sdIkUiMeoDx9aiu%2BqD1PchQclib4qZOadc10qiRcgkBoAd4sIvi2hfDiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 9ef6c84dd0d22e8e46d71e515a3532b4
cache-control: no-store
cf-ray: 88a52dc7587265a9-FRA
content-length: 28

GET
H/1.1 200
OK daab4c61-3a38-4490-a901-35e49ff30a48
cdn.firespring.com/images/ 15 KB
4 KB 605ms
605ms Other
image/x-icon 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/images/daab4c61-3a38-4490-a901-35e49ff30a48

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

0e775d96ce6a9d75084a0e59800b97a824743f572c61a6806d1c68e8178f0eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 10:04:06 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
Via: 1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P11
X-Cache: Miss from cloudfront
content-transfer-encoding: binary
Content-Disposition: inline; filename="favicon.ico"
Connection: keep-alive
Content-Length: 3616
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
Server: Apache
x-frame-options: SAMEORIGIN
Vary: Accept,Accept-Encoding
Content-Type: image/x-icon
Cache-Control: must-revalidate, max-age=86400
X-Amz-Cf-Id: Tb2P3MZbsLODfa-JAAEeg4MyjICJfKzYHfin8Kg2LyiHQizdPrm1aA==
Expires: Tue, 28 May 2024 10:04:06 GMT

GET
H2 200 491963.js Show response
cdn.wisepops.com/shared/wisepops/xcfm2KPaabhPKdXDcLZd/ 268 KB
80 KB 716ms
715ms Script
application/javascript 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wisepops.com/shared/wisepops/xcfm2KPaabhPKdXDcLZd/491963.js?v=1715798278000
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a371278b2cb6466e1021224d055c0ec915a75fabc1684948d936aa7728ef843

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:06 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPotwBqjg-pEOWkc3cQCBZlLnO--Mt6BH9sgWQno6M6FwBch73pd33B7I_lWOXhC7z7MVj2j7OOoqQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 15 May 2024 18:38:00 GMT
server: cloudflare
etag: W/"5030a5054a42a02fa93bef10599e0492"
vary: Accept-Encoding
x-goog-generation: 1715798280589657
content-type: application/javascript
x-goog-hash: crc32c=pEi5hg==, md5=UDClBUpCoC+pO+8QWZ4Ekg==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qWtdy%2FYq05KTDcYH4iTn6eKCeCKQA1S49IppXo2bBBm88nZK5ekQtit868%2F%2FcqF%2FrQJIP7eAXSKWqxJsagg6pD%2BmPio7tLrtUJ8eLGwJ4dvTrEDlVZ60Cu0B9Tj1krfdUdarLZrAmzJlctMQVCg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 274295
cf-ray: 88a52dc91aab65a9-FRA
expires: Mon, 27 May 2024 11:04:06 GMT

POST
H2 200 /
activity.wisepops.com/ 0
0 145ms
145ms Fetch 2606:4700:20::ac43:4adc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.29&site=xmBqhzvX8f
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
source: loader
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://refb.org/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIiVKFL1pm9a5BOik8X0Hc0l6v7WHdPkYTUwhjTdjM90pI%2F7zdGjNUe2V7xGJ3FKe%2BfaN49GhJQLhfN%2FQQLFsDwfmo6b%2F9d3P%2BF%2FwfPpLzcOu839dp%2FPqJPrQqEdMoYNgjzJl7h8uCm8VvjZx29Hd7gmKw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 88a52dce6b7fbbfe-FRA
content-length: 0

OPTIONS
H2 200 /
activity.wisepops.com/ Frame 0
0 149ms
149ms Preflight 2606:4700:20::ac43:4adc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.29&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,source
Access-Control-Request-Method: POST
Origin: https://refb.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type, source
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 88a52dcd7a4ebbfe-FRA
content-length: 0
date: Mon, 27 May 2024 10:04:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Try9VQZJBqYymJCBHx6KgVkUVVPsTfNIQGF%2BDCPzHFKYR8Vnzva%2BYbz21Z6Bkg2JcPznzswJNPsdivdt1H1qdcjK4pkPmLptCvSCUMpGQKR0D%2FjLOIh24aSDu0vD1qR%2FTrcxkPmhIsThz%2F9JozsivbOTfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 css
fonts.googleapis.com/ 4 KB
526 B 53ms
52ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo:300,400,700

Requested by

Host: cdn.wisepops.com
URL: https://cdn.wisepops.com/shared/wisepops/xcfm2KPaabhPKdXDcLZd/491963.js?v=1715798278000

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

f4cd2b90260c4d2287fc31e666a45493ca126daba9f17b95d90ea3a628421eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 May 2024 10:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 May 2024 10:01:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 May 2024 10:04:06 GMT

GET
H2 200 2abafd5c64b07f5c1b7b9d0ab5de5e26.png
cdn.wisepops.com/shared/images/wisepops/c.57434/ 339 KB
340 KB 505ms
504ms Image
image/png 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.wisepops.com/shared/images/wisepops/c.57434/2abafd5c64b07f5c1b7b9d0ab5de5e26.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0022d602b6a8a78b87db89b573d1e9adf11f65b38faa28a8a2e2e4f9ec29d5c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPoXbFFsq8peXUUmBhJJCSAChdEdEvdh5vRaAhuwPXfbC5A9Sv40zlgbwRYWU5OQ4ClzS67ZrcoaDg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 346702
last-modified: Wed, 15 May 2024 18:33:28 GMT
server: cloudflare
etag: "2abafd5c64b07f5c1b7b9d0ab5de5e26"
vary: Accept-Encoding
x-goog-generation: 1715798008418313
content-type: image/png
x-goog-hash: crc32c=iS4Xmg==, md5=Krr9XGSwf1wbe50Ktd5eJg==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g4foM3COXTT4%2FOtKaDzRkSIjk%2FaWzWIZ0TiOx9IcmgMB2TwKO2t9zZCYB4jTc5rhCgJmSaVBMyOur94F6Q3qPdxigUzChLmrlMXLpoDcSsm%2FgernOXNu44Bo7m7r%2FbVvVf3Kjk0dgFLPgwHWN8E%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 346702
accept-ranges: bytes
cf-ray: 88a52dce39fd65a9-FRA
expires: Mon, 27 May 2024 11:04:06 GMT

GET
H3 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v19/ 34 KB
0 0ms
0ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v19/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://refb.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 00:08:32 GMT
x-content-type-options: nosniff
age: 294932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35272
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 May 2025 00:08:32 GMT

GET
H3 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v19/ 34 KB
0 1ms
1ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v19/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://refb.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 00:08:32 GMT
x-content-type-options: nosniff
age: 294932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35272
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 May 2025 00:08:32 GMT

GET
H3 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v19/ 34 KB
0 1ms
1ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v19/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://refb.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 00:08:32 GMT
x-content-type-options: nosniff
age: 294932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35272
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 May 2025 00:08:32 GMT

GET
H2 200 popup-95306bbb9741f4f889d3.chunk.js Show response
cdn.wisepops.com/shared/wisepops/xcfm2KPaabhPKdXDcLZd/491963/ 2 KB
1 KB 265ms
264ms Script
application/javascript 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wisepops.com/shared/wisepops/xcfm2KPaabhPKdXDcLZd/491963/popup-95306bbb9741f4f889d3.chunk.js
Requested by: Host: cdn.wisepops.com
URL: https://cdn.wisepops.com/shared/wisepops/xcfm2KPaabhPKdXDcLZd/491963.js?v=1715798278000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21682657ee6267c380130947c65ef769559c7fc2753f2321117aae7a1e1bb4e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:07 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrt0_866EpY1Xz2vGs30yoo_o9DXtqM2cVCeoSIYMOSARK3ON9kL4MVbVSfUjvLHaunC0U
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 15 May 2024 18:38:01 GMT
server: cloudflare
etag: W/"e07c0845242e613059323d8d057557ee"
vary: Accept-Encoding
x-goog-generation: 1715798281485794
content-type: application/javascript
x-goog-hash: crc32c=aquHeg==, md5=4HwIRSQuYTBZMj2NBXVX7g==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UDoral9ZZbqHWe0vF9gYv%2Ftq%2FAdhkJMr1YnD0mhZsmdTVHKTJP2EZyxEfpK%2FUZjPCws0%2BwXapDMs3kW2FWW6yqsr7BqbySwQGtTtzoIW77D%2FXSXYOJQYMBdZ%2BRmTxBOqHlHvA98AJ3I20EieE90%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1664
cf-ray: 88a52dd3199965a9-FRA
expires: Mon, 27 May 2024 11:04:07 GMT

POST
H2 200 _.gif
tracking.wisepops.com/ 2 B
349 B 226ms
226ms Ping
application/json 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.wisepops.com/_.gif?e=d&p=491963&site=xmBqhzvX8f&url=https%3A%2F%2Frefb.org%2F
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://refb.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sg%2B3ITLx%2F46uFx%2BCpCmgLBVDphr2eX5%2B1WxRe2VfoyPXw2c3qPNndPvfouoCV5D4h%2FB99hs2V%2FN%2B4XaPDkLvaD2gkGl7amBI6ho24IreoEJwXIlRyaoKg2vOH3MZxNMdEJcJ%2FQu2Hq4tNrw2FMFBauFESg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 6292979ac7f5fefaee05a20435b783d8
cache-control: no-store
cf-ray: 88a52dd339a765a9-FRA
content-length: 28

POST
H2 200 /
activity.wisepops.com/ 0
0 148ms
148ms Fetch 2606:4700:20::ac43:4adc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.29&site=xmBqhzvX8f
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
source: loader
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://refb.org/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:04:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJsLUy%2F59aBdAJqtPYLQyfnyMA%2BK7LW0GoO%2BvQYI7mfVZd0kvaWvikQBMzldCWro173Ipnle8QwoXVT86q18K8lq9islSIgYRVz3pD%2BACaLCz4i%2BsX6pfmQb%2F2y9jYufZQhSahxpdTjI4cIJqTUaK3Xt8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 88a52dda4c01bbfe-FRA
content-length: 0

OPTIONS
H2 200 /
activity.wisepops.com/ Frame 0
0 144ms
144ms Preflight 2606:4700:20::ac43:4adc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.29&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,source
Access-Control-Request-Method: POST
Origin: https://refb.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type, source
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 88a52dd96ac1bbfe-FRA
content-length: 0
date: Mon, 27 May 2024 10:04:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j60uAktojaxTIocOf7gI4MlRtsi7uB%2BMy574Ok4yRoDQpI%2FthSH1eNvvFn0%2FvDaiLoFv5wBv8fB%2BdpsI50PBOPaK1PVVAoI5KSAIlFKdzqghXTN5t6xKe0w8%2FzpC2Tq1cItJNpordH501ThgKxgcy8adRg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
refb.org/	1970-01-20 20:53:38	Name: fdp_session Value: 7s7b10qehqb8gk4056v8hrcl1s
.refb.org/	1970-01-21 06:29:24	Name: _ga Value: GA1.1.755298933.1716804243
.refb.org/	1970-01-20 23:03:00	Name: _gcl_au Value: 1.1.824543598.1716804243
refb.org/	1970-01-21 05:39:00	Name: ssi--sessionId Value: f59754c2-f332-4e99-f3b4-2cccc13bae65
refb.org/	1970-01-20 20:53:24	Name: ssi--lastInteraction Value: 1716804242616
refb.org/	1970-01-21 05:39:00	Name: ssi--sessionId--ss360_1 Value: 8230b0f5-35fe-a522-b5ca-2735f9dc7a7d
refb.org/	1970-01-20 20:53:24	Name: ssi--lastInteraction--ss360_1 Value: 1716804242623
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: HCLtyvlF4To
.youtube.com/	1970-01-21 01:12:36	Name: VISITOR_INFO1_LIVE Value: 9RSURibn33g
.youtube.com/	1970-01-21 01:12:36	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgGg%3D%3D
.refb.org/	1970-01-21 06:29:24	Name: wisepops_visitor Value: %7B%22xmBqhzvX8f%22%3A%220c688d4e-3b6c-41b4-aba3-0aed9d671137%22%7D
.refb.org/	1970-01-21 06:29:24	Name: wisepops_visits Value: %5B%222024-05-27T10%3A04%3A02.411Z%22%5D
.refb.org/	1970-01-21 06:29:24	Name: wisepops Value: %7B%22popups%22%3A%7B%22491961%22%3A%7B%22dc%22%3A1%2C%22d%22%3A1716804245610%7D%2C%22491963%22%3A%7B%22dc%22%3A1%2C%22d%22%3A1716804247521%7D%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A77%2C%22cid%22%3A%2257434%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D
.refb.org/	1969-12-31 23:59:59	Name: wisepops_session Value: %7B%22arrivalOnSite%22%3A%222024-05-27T10%3A04%3A02.411Z%22%2C%22mtime%22%3A1716804247523%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%22491963%22%3A0%7D%2C%22bars%22%3A%7B%22491961%22%3A0%7D%2C%22sticky%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%2C%22testIp%22%3Anull%7D
.refb.org/	1970-01-21 06:29:24	Name: _ga_341889012 Value: GS1.1.1716804242.1.0.1716804247.0.0.0
.refb.org/	1970-01-21 06:29:24	Name: _ga_3MXD5JNQ3T Value: GS1.1.1716804242.1.0.1716804247.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://signup.e2ma.net/tts_signup/1931774/764e855f5f7be3b5cc0ab5da69852621/1922935/?v=a(Line 15) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https: 'strict-dynamic' 'nonce-bfb16d743b9142a667a2bd46f8ab949ff53bf05fec25baa7dc5a89ea81c8079e' 'unsafe-inline' 'unsafe-eval' 'report-sample'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activity.wisepops.com
analytics.firespring.com
cdn.firespring.com
cdn.gtranslate.net
cdn.sitesearch360.com
cdn.wisepops.com
dk98ddgl0znzm.cloudfront.net
embed.e2ma.net
emma-content-aggregates-prd.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
insights.sitesearch360.com
loader.wisepops.com
redwood-empire-food-bank.givecloud.co
refb.org
region1.google-analytics.com
signup.e2ma.net
tracking.wisepops.com
translate.google.com
translate.googleapis.com
wisepops.net
www.googletagmanager.com
www.gstatic.com
www.youtube.com
104.16.224.240
142.250.186.163
142.250.186.170
18.244.18.5
2001:4860:4802:32::36
2600:9000:2724:ca00:b:c006:c80:93a1
2600:9000:2724:da00:b:c006:c80:93a1
2606:4700:10::6816:2680
2606:4700:20::681a:b13
2606:4700:20::681a:e61
2606:4700:20::ac43:44cc
2606:4700:20::ac43:4adc
2606:4700::6812:992
2a00:1450:4001:803::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:829::2003
52.216.114.19
52.5.5.85
52.54.99.181
08d204103ce29a0c1becbf57c9ca86eae48a2d075088a1fcbee93002953235d4
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f
0e775d96ce6a9d75084a0e59800b97a824743f572c61a6806d1c68e8178f0eab
0f49f69a5105e16564e48fb4e34614434ed8b8e82ab32fade546765f861df846
0f522619f4e6a9910a4ebeea654f5bd051c7f02dd91ce4898d6332539bcf5c6d
10bf7278478214cfdb1a78256e75110db0c2614b6580a1e2e555eb0406345e32
15c6451016aa4cca0bc0dfd2b6108655fbe4e2d90794265e36abc8bff832e85b
1932da1682d444e6101f31f7e54079b63b5d4821eddf7acff9326b614b245332
1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5
21682657ee6267c380130947c65ef769559c7fc2753f2321117aae7a1e1bb4e1
21982516c2709d6f0efe58184804044aa685925ae4d550d3d3d1b3a5a49ac390
2301bb030a2bcaa9c763cc4771bd717aac16709c29eaba00673fcbe7cdf99a59
232c6f6a7678304f9efaa26f30b1610debc2ba9f4cd636b5e6751c8d73761b92
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
316c5fa4b045e20e79ae7d2ce447f7076a7201174466e45ce82641600bc24494
35cd9d8f8d50cce54b63dd0ae6f929f690bc81e8b618952706b1bf12e8e13713
370689c31d406bd9a0544097dda11a275247cb914335562692142e98826cf9d8
43ff665b98ca93cc9dc6fafde6c375f9d6a6413c142dce02f0a3b0582a7629d3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
56cc37d2c71c5296c62523b610801d6340542144fbc2a056750a208b2ffdfbb4
5bf8428f543a7cf2b19a30a9a5cddc6bc7b4434c13428110d0c8d20a5397b2d1
62db744adb365b3f34dc423c5a427500b77ecf056b541a87706dad1392e0bf35
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6e00e58d8dacf98e0a9c65afa4c9803328f17528f3b9b897a536ed9c319d77da
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
74b20f6bc9778385468ee059054c8ab79da2d8c85e0d9829a49ad13e9b043a20
7ae209bbbedcf04c3afee78acbb1930ff28c17205bb6e1daa38ff48d43a9e487
7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1
7d6edefa17ea1e92ff0e5db57919136ffc52725c1b6239d7fa11245abfabbdad
80d2145dc47e5cdcad01d0ede4d7d454f43ed32c41b2017b01bfcd5b733bcb2f
851a0682418739b70ab9369b71a17c060a9a79f438a63fcfaf2e3e1ae9f59cb1
86d096364d7297f1ba37d8b8a5446bf858684df828c4eee06215d67a364a768d
88016f3e375f96ff36202e84fb998d0d224202a8139b02a1d61612c317e4c6a9
8a371278b2cb6466e1021224d055c0ec915a75fabc1684948d936aa7728ef843
8fb203c88f2e3b5d8a0f5a7ef6df8276a37b11d8de8d672e7779aa5a914e31e6
93a24598aa20095b884a75ad052a4e17d4ec5bb917dd709d6ce3357fa2bcde14
9b777f388466ed45f703dc3b008a3120717fd280ce1a558622dde56e5056d01f
9dd515ced04202e6327ddc828e549d178dec174ee83c00e26cfac5105b98ca9e
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a4506784688eef9181af1d00b31ea717e6386eafb55e5efa597f445a5a11485b
aab005e1e9c3d72739f90a0599a16112cd7713958aa506a36fadfc3030e90083
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ad182162f9e1844ea50a3fa9765977b5f59cd5c2402ff99c36c137a7e3d3d6e3
ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f
b0022d602b6a8a78b87db89b573d1e9adf11f65b38faa28a8a2e2e4f9ec29d5c
b0da03ac2a2b5029ae50162a26a8d59377efe03cc05f7d68025f28ef8bbcf2ed
b1c80bca1fc3479af5baa28a7e391a0bb7dc99e98cfa64d659c7306cb2bc28c0
b1e4a4968e02c18d03ac98083e3fdfee6a5a2514a59d3e8474b3c5fccdb72313
b3ed8be8ecdd4e83c01208624e1197b428bdbd14cd4ad2b0b30745a43088404d
ba379f3cae03800268ab7bbdde16c23561decb44a05174be07548680b7e54d59
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c16c6f2d4164c9297edbc4e2693996b7890631977bacf14041f13f35f54ab44c
c18fbbf33489bb80e0035ae79a257a14565b122e82452311913a8232ffd4f4c7
c6fc04cd3a90574e03544ec8a55f753120398cf078173638eeb0f49d0ccb4392
cf5b6042462efb5af6e84aa58f5d1216b8fcc4041151f1ecb18e3babd4ea6080
d216b122e85aaa922b1e9c2340a16e13592afae5c10b7c0cb123bb6280cbb104
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68cb17420501844a1a7c32cc2786f40c12813c22514e36fd684c0a022ca58e0
e8b518d89f64243cf8edeb4d1468b5e44af082a370d0c2007562ad01bf7e2092
e8bac59d898eaab24656017f54e456ce8a6e5ec322fe7430ad61e5bd6c7be636
f4cd2b90260c4d2287fc31e666a45493ca126daba9f17b95d90ea3a628421eeb
fa807c82b27c52eb36c1588bd7232979ebe9dee6479a26e81ff469b392a9cdfe
fd7f8bfdffe5f7fcab8a0658f2f64a42aee60a884094bd373a530f1a437d1400
fe662c7af89b86d5286d5240689ce8845d7931e1a800e229183beb580863113d

refb.org Open in urlscan Pro 52.5.5.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

99 %HTTPS

70 %IPv6

16 Domains

24 Subdomains

25 IPs

3 Countries

5439 kBTransfer

9518 kBSize

16 Cookies

13 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

refb.org Open in urlscan Pro
52.5.5.85 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

99 %
HTTPS

70 %
IPv6

16
Domains

24
Subdomains

25
IPs

3
Countries

5439 kB
Transfer

9518 kB
Size

16
Cookies

78 HTTP transactions
2 data transactions