urlscan.io logo urlscan.io
SecurityTrails logo

dsvw7i2ufebz4.cloudfront.net Open in urlscan Pro
2600:9000:275d:1200:1e:ffde:c800:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.transgender.org//wba//
Effective URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Submission: On June 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 29 HTTP transactions. The main IP is 2600:9000:275d:1200:1e:ffde:c800:93a1, located in United States and belongs to AMAZON-02, US. The main domain is dsvw7i2ufebz4.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.
This is the only time dsvw7i2ufebz4.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:10::6816:14a0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.transgender.org
8    2600:9000:275d:1200:1e:ffde:c800:93a1 (United States)

ASN16509 (AMAZON-02, US)
dsvw7i2ufebz4.cloudfront.net
1    65.9.86.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-42.ams1.r.cloudfront.net
js.stripe.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    65.9.86.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-110.ams1.r.cloudfront.net
js.stripe.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2606:4700:10::6816:15a0 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.transgender.org
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
8 cloudfront.net
dsvw7i2ufebz4.cloudfront.net
4 MB
5 transgender.org
www.transgender.org
cdn.transgender.org
4 MB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
2 KB
4 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1556
150 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
72 KB
2 gstatic.com
fonts.gstatic.com
67 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
199 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2347
263 B
29 9
Domain Requested by
8 dsvw7i2ufebz4.cloudfront.net dsvw7i2ufebz4.cloudfront.net
4 cdn.transgender.org dsvw7i2ufebz4.cloudfront.net
4 fonts.googleapis.com dsvw7i2ufebz4.cloudfront.net
js.stripe.com
4 js.stripe.com dsvw7i2ufebz4.cloudfront.net
js.stripe.com
2 www.facebook.com dsvw7i2ufebz4.cloudfront.net
2 connect.facebook.net dsvw7i2ufebz4.cloudfront.net
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com dsvw7i2ufebz4.cloudfront.net
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.transgender.org 1 redirects
29 10

This site contains links to these domains. Also see Links.

Domain
transgenderaction.org
www.facebook.com
instagram.com
www.linkedin.com
discord.gg
Subject Issuer Validity Valid
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-05-22 -
2024-08-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-24 -
2024-06-22		 3 months crt.sh
cdn.transgender.org
GTS CA 1P5		 2024-05-02 -
2024-07-31		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://dsvw7i2ufebz4.cloudfront.net//wba//
Frame ID: 3896DA6CAD58B0A09783ED5591052E31
Requests: 29 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-muas-control-964b24d015889f4a19b16df9b3ea7da2.html
Frame ID: 4821F52CBD1B130A18C7DF6545ACE0FE
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: C95C6AE837F3A395940BB24C52B3945B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-8a4293d8cb3664cb1c1f90c15a9009e0.html
Frame ID: 0D8FA71B21CF18DD55D8B7AD5AB69D74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Transgender.org | Community-Built Support Platform

Page URL History Show full URLs

  1. http://www.transgender.org//wba// HTTP 307
    https://www.transgender.org//wba// HTTP 301
    http://dsvw7i2ufebz4.cloudfront.net//wba// HTTP 307
    https://dsvw7i2ufebz4.cloudfront.net//wba// Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

100 %
HTTPS

82 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

8749 kB
Transfer

11849 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.transgender.org//wba// HTTP 307
    https://www.transgender.org//wba// HTTP 301
    http://dsvw7i2ufebz4.cloudfront.net//wba// HTTP 307
    https://dsvw7i2ufebz4.cloudfront.net//wba// Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dsvw7i2ufebz4.cloudfront.net//wba//
Redirect Chain
  • http://www.transgender.org//wba//
  • https://www.transgender.org//wba//
  • http://dsvw7i2ufebz4.cloudfront.net//wba//
  • https://dsvw7i2ufebz4.cloudfront.net//wba//
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:1200:1e:ffde:c800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03406eaa6fd16bc213b960264cdf07e9502d48666d818345cb7555e3856a9b2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0
content-encoding
gzip
content-type
text/html
date
Fri, 14 Jun 2024 21:20:55 GMT
etag
W/"5524ec374b48a35b9836539e29dae749"
last-modified
Thu, 22 Feb 2024 06:58:39 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
x-amz-cf-id
byU5Cefm7-NaHQDfDM5u67lQnwQJtX91BmJQ5c4pNSRGvIOHrPJK7Q==
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront

Redirect headers

Location
https://dsvw7i2ufebz4.cloudfront.net//wba//
Non-Authoritative-Reason
HttpsUpgrades
/
js.stripe.com/v3/ 		613 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-42.ams1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
cd580eb4a53f0e3009ff27c4afd31a4b46f2137b226440353b48d26bf00cc37a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:20:19 GMT
content-encoding
br
via
1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
36
x-amz-cf-pop
AMS1-C1
x-cache
Hit from cloudfront
last-modified
Fri, 14 Jun 2024 20:40:46 GMT
server
Cloudfront
etag
W/"3d8a160e161dc972aeab4614778485ee"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
WLpQdqlBiNRQuO4WnH-8OSFBy7imTNgFDKOb94JfRr9tAHtpkjEIUw==
index-98b74ff1.js
dsvw7i2ufebz4.cloudfront.net/assets/ 		3 MB
690 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsvw7i2ufebz4.cloudfront.net/assets/index-98b74ff1.js
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:1200:1e:ffde:c800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79ffb10c4f468e080b21354c5af24dd912d93c805ca1e17f15a60306de5b15ce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net//wba//
Origin
https://dsvw7i2ufebz4.cloudfront.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 18:23:33 GMT
content-encoding
gzip
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified
Thu, 22 Feb 2024 06:58:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
10642
x-amz-server-side-encryption
AES256
etag
W/"5d62c53ce9e1624ed2d7b13f88e7a2cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
APJGKjXZ-IQh9H5FgBeXESfS1aTrVaAXpOL-ikt8mMUafkwVKsP9wA==
index-6e7493ef.css
dsvw7i2ufebz4.cloudfront.net/assets/ 		276 B
647 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dsvw7i2ufebz4.cloudfront.net/assets/index-6e7493ef.css
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:1200:1e:ffde:c800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e7493efa07530063bfcb93c66723a0a295dd43ed19c11c9236cffe2b121c8ef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net//wba//
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 11:23:11 GMT
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified
Thu, 22 Feb 2024 06:58:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
35864
x-amz-server-side-encryption
AES256
etag
"86a6c4995a07e2254036dfdb5e6f53de"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
276
x-amz-cf-id
riXsO9QImHVg1w3hKZgSkb2dUOlsBfK0WYBBMv0FLMzzX9N37uJDcQ==
gtm.js
www.googletagmanager.com/ 		261 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MX2R57PM
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ee59a902be660093d474e64814cdd92d526da4b183867b3a0985456efccbc887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:20:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94728
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Jun 2024 21:20:54 GMT
css2
fonts.googleapis.com/ 		822 B
815 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Urbanist:wght@300&display=swap
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net/assets/index-6e7493ef.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d88474514adad1751cb3321a8f51efb2f338c4c79007c633d0eb459ab2a6b00e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jun 2024 21:20:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 21:20:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 21:20:54 GMT
css2
fonts.googleapis.com/ 		5 KB
574 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lexend:wght@200;300;400;600&display=swap
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net/assets/index-6e7493ef.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1197817d0b29b5895ba179b45635778bcba2cc4021909878cc2b46453a16690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jun 2024 21:20:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 21:20:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 21:20:54 GMT
css2
fonts.googleapis.com/ 		2 KB
472 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Urbanist:wght@300;400;600&display=swap
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net/assets/index-6e7493ef.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a0706e0b4b15240981b65d94d823313dc2764cf7fbc91310b5b14ab8948ee43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jun 2024 21:20:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 21:20:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 21:20:54 GMT
controller-with-muas-control-964b24d015889f4a19b16df9b3ea7da2.html
js.stripe.com/v3/ Frame 4821 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-muas-control-964b24d015889f4a19b16df9b3ea7da2.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-110.ams1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
44
cache-control
max-age=60, stale-while-revalidate=900
content-length
391
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 14 Jun 2024 21:20:11 GMT
etag
"964b24d015889f4a19b16df9b3ea7da2"
last-modified
Fri, 14 Jun 2024 20:00:50 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
x-amz-cf-id
dzj4SALtTTDZtOeK7vzCq3T1WBn1MmUxwoBNP-v26ZimZeFtBIMJwQ==
x-amz-cf-pop
AMS1-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame C95C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-110.ams1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2161
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 14 Jun 2024 20:44:55 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Thu, 30 May 2024 20:04:59 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
x-amz-cf-id
1sbYwEct1opKWBvUxEtgep_xrJonkbSaoQ74EV9GrLq6Ei6lVNV5fw==
x-amz-cf-pop
AMS1-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
en-US-626986ed.js
dsvw7i2ufebz4.cloudfront.net/assets/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsvw7i2ufebz4.cloudfront.net/assets/en-US-626986ed.js
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net/assets/index-98b74ff1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:1200:1e:ffde:c800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b82de5790a6b620687e2938b5fd7cc725485d90fe2df14ec43ffbb6369395d0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/assets/index-98b74ff1.js
Origin
https://dsvw7i2ufebz4.cloudfront.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 20:13:08 GMT
content-encoding
br
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified
Thu, 22 Feb 2024 06:58:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
4068
etag
W/"f9ef40465fc946c176855ff641c1845f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XT_0o8xNeJ6KhzNc6eacKjlF4ftqqof1lnYRPZmAT5MznL0MlgxLCg==
background-7453126d.png
dsvw7i2ufebz4.cloudfront.net/assets/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsvw7i2ufebz4.cloudfront.net/assets/background-7453126d.png
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:1200:1e:ffde:c800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7453126d068233d49a4fa6eb56124636c4f13268b74c829c4bafe52a28532329

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net//wba//
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:20:56 GMT
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified
Thu, 22 Feb 2024 06:58:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
etag
"a68058b49f8e4cd76c4d04c2c782e95c"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3418383
x-amz-cf-id
xZ3ppCUqPItJ9VSfUBHPvsY1ghsZyZ0-BpHjRR5yEgODv9Gs5JVM0A==
wlpwgwvFAVdoq2_v-6QU.woff2
fonts.gstatic.com/s/lexend/v19/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lexend/v19/wlpwgwvFAVdoq2_v-6QU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lexend:wght@200;300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
212cab2c8f18589ea483920adea5f5d180ab007a4140ad723d931dae89d876e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://dsvw7i2ufebz4.cloudfront.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:47:15 GMT
x-content-type-options
nosniff
age
95620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39808
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:33:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 18:47:15 GMT
L0x-DF02iFML4hGCyMqlbS0.woff2
fonts.gstatic.com/s/urbanist/v15/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Urbanist:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://dsvw7i2ufebz4.cloudfront.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 11:52:00 GMT
x-content-type-options
nosniff
age
120535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27824
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:09:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 11:52:00 GMT
tdo-sun-5bbaee37.svg
dsvw7i2ufebz4.cloudfront.net/assets/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsvw7i2ufebz4.cloudfront.net/assets/tdo-sun-5bbaee37.svg
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:1200:1e:ffde:c800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5bbaee37c942714903d681e183b4b5b8745b05ec30e34d148d1d857edf0b2c4d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net//wba//
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:20:55 GMT
content-encoding
br
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified
Thu, 22 Feb 2024 06:58:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
35395
x-amz-server-side-encryption
AES256
etag
W/"1d234556c4558ec2a9d5b1ce6cf4cb4a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
J-HZBZ8BuU3v26eNR5ychqss6LlDOEU3KScUvyLcmoXRAsq6nYMzSg==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a73a8a32f646f01b569232743c999c1f8930d4c095e2e0630be1824d785968a0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
instagram-224fd986.png
dsvw7i2ufebz4.cloudfront.net/assets/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsvw7i2ufebz4.cloudfront.net/assets/instagram-224fd986.png
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:1200:1e:ffde:c800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
224fd9863e0209f64f9b17d1525cf0c17528d092de553ca676cce74202de0e80

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net//wba//
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:20:55 GMT
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified
Thu, 22 Feb 2024 06:58:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
35395
x-amz-server-side-encryption
AES256
etag
"9358f67a4fc2abe14fad1d18c30df56d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
8005
x-amz-cf-id
_osrUJ6lh8SnlNDciKnB7DmGjm44Kd93masFEOaTBW4ivO_puEF92A==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b294dda21183adddd03ba5a4fbcbce595ed0f2cc22ccc279219171bb036e698

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4168697c93f3170d7cbbb19e8a9517f23ae582b1f0b7296861ed97105f7f98e1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
css2
fonts.googleapis.com/ 		5 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lexend:wght@200;300;400;600&display=swap
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1197817d0b29b5895ba179b45635778bcba2cc4021909878cc2b46453a16690
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json
Referer
https://dsvw7i2ufebz4.cloudfront.net/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:20:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 21:20:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 21:20:54 GMT
js
www.googletagmanager.com/gtag/ 		322 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EH1WKZMPQW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2R57PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca2cfd036c5e09c827813ecf5d1af0aae614fa59a3a7fa6bceb5f549168ec098
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:20:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108530
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Jun 2024 21:20:55 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Jun 2024 21:20:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1328, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
ysWBMCa8io6UfYa3odNOAP0LhXe2uq4QbU6aXnrjs8/Prq9bomDXIgLmowum14rS/kYwBJVAzgikZ4ejeOgKYA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gender-expression.png
cdn.transgender.org/guides/trans-101/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.transgender.org/guides/trans-101/gender-expression.png
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e41a53a7a283f1b49d753fb94b11b7aa3e7701f5c51502370700db411b309a30

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:20:55 GMT
cf-cache-status
MISS
last-modified
Sun, 12 Nov 2023 03:22:49 GMT
server
cloudflare
x-amz-request-id
MQSRCRJE8N4F3B8Z
etag
"cde2fb9b93afe778e903cf151fcf6c6c"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
893d5df8b8e92c36-FRA
content-length
1383547
x-amz-id-2
T+Ib5Ble4Qb9mGHvS17W0kVqpEvl5Kn7vFuwHEzubfYoLNusdxbfCACYzCisIUW0aQ05eqFGIfI=
syringe-on-vials.png
cdn.transgender.org/guides/injection-guide/ 		438 KB
439 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.transgender.org/guides/injection-guide/syringe-on-vials.png
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a39159149117275bf6b41aaaa086bcb593109f1371f5a1ff58a99209ea508c8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:20:55 GMT
cf-cache-status
MISS
last-modified
Sun, 12 Nov 2023 03:22:41 GMT
server
cloudflare
x-amz-request-id
MQSSEE0KBYWS8VT9
etag
"b9c275e5b7a3a82061d47ebaa7727923"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
893d5df8b8ed2c36-FRA
content-length
448774
x-amz-id-2
0XX7Wuc8aePwQkFbe31tx2tMZbv/qUyluJUywe8QJot7ZypD62bO4QyWqj+4+VXTqhZQwCf7Akc=
risks.png
cdn.transgender.org/guides/safety-guide/ 		924 KB
925 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.transgender.org/guides/safety-guide/risks.png
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c247272d2a26fe35dd9b5292a5b0881e79954f43f67bf92a563f59d8011e5a64

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:20:55 GMT
cf-cache-status
MISS
last-modified
Sun, 12 Nov 2023 03:22:47 GMT
server
cloudflare
x-amz-request-id
MQSG6W3TWPCJEVSQ
etag
"1198b6988a23ae2de179fc4ad5ece7e8"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
893d5df8b8e62c36-FRA
content-length
945767
x-amz-id-2
RN+CZhPkwy68+Zwwe+YdQpM/oUX+xWF5UGxmtGQy0wqP5x9Y0NXpimcoPcCItErU/U7EIe9hKsU=
reasons.png
cdn.transgender.org/guides/coming-out/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.transgender.org/guides/coming-out/reasons.png
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0b88442cbc443c2f9b92c354c248425aefca184b0fcc8e8e6b794d1fe5514c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:20:55 GMT
cf-cache-status
MISS
last-modified
Sun, 12 Nov 2023 03:22:38 GMT
server
cloudflare
x-amz-request-id
MQSTFZ8NNNR3H90M
etag
"aee3f99505562b1e820e9f3c66724a97"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
893d5df8b8ef2c36-FRA
content-length
1448718
x-amz-id-2
KWjycuGDwZEq2SFBgrOhwsWPrjUqvYD8rYvk3Hy6HG5ezI+CYr01nKVO8zqgH/rE2RkpWi3Zavo=
1414459879491815
connect.facebook.net/signals/config/ 		58 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1414459879491815?v=2.9.158&r=stable&domain=dsvw7i2ufebz4.cloudfront.net&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc9b29c60a41f21f9d06118d490de5fa32377c2090403965c0aa822e62a9b0f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Jun 2024 21:20:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=63, mss=1328, tbw=63503, tp=-1, tpl=-1, uplat=182, ullat=0
pragma
public
x-fb-debug
/lDBzTKUSgeA0CPaaTNNhN7FcUWUehklcWKzWo2o1Guzlf1SCeInaoi4PtZMJqJqFg3CC+RvfgfzdBVayZ91aA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
263 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EH1WKZMPQW&gtm=45je46c0v9174243823z89174241785za200zb9174241785&_p=1718400054927&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=612047647.1718400055&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718400055&sct=1&seg=0&dl=https%3A%2F%2Fdsvw7i2ufebz4.cloudfront.net%2F%2Fwba%2F%2F&dt=Transgender.org%20%7C%20Community-Built%20Support%20Platform&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1620
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EH1WKZMPQW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 21:20:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dsvw7i2ufebz4.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1414459879491815&ev=PageView&dl=https%3A%2F%2Fdsvw7i2ufebz4.cloudfront.net%2F%2Fwba%2F%2F&rl=&if=false&ts=1718400055554&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1718400055554.7204199056828537&ler=empty&cdl=API_unavailable&it=1718400055142&coo=false&rqm=GET
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 14 Jun 2024 21:20:55 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1414459879491815&ev=PageView&dl=https%3A%2F%2Fdsvw7i2ufebz4.cloudfront.net%2F%2Fwba%2F%2F&rl=&if=false&ts=1718400055554&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1718400055554.7204199056828537&ler=empty&cdl=API_unavailable&it=1718400055142&coo=false&rqm=FGET
Requested by
Host: dsvw7i2ufebz4.cloudfront.net
URL: https://dsvw7i2ufebz4.cloudfront.net//wba//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xda2b7d8a41fbe0e1","source_keys":["1","2"]},{"key_piece":"0xa4d91fe5e58710e3","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Fri, 14 Jun 2024 21:20:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1328, tbw=3090, tp=-1, tpl=-1, uplat=198, ullat=0
pragma
no-cache
x-fb-debug
7wKR0nU+g87M6P6Qk130YZQ1EHfK0mmlJE3XDCl86veqtlZiz7BjCSEuQWpuyItpyKPMfERLZrumdr7heLl9tg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
hcaptcha-invisible-8a4293d8cb3664cb1c1f90c15a9009e0.html
js.stripe.com/v3/ Frame 0D8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-8a4293d8cb3664cb1c1f90c15a9009e0.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-110.ams1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-XdHYHx8Fq7gheIf7aaT6yZ/wJ80gr53NJ9gH5dU8xsc='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
996
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-XdHYHx8Fq7gheIf7aaT6yZ/wJ80gr53NJ9gH5dU8xsc='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 14 Jun 2024 21:04:21 GMT
etag
W/"8a4293d8cb3664cb1c1f90c15a9009e0"
last-modified
Fri, 14 Jun 2024 20:01:05 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
x-amz-cf-id
wZzai4ydNB62lBXKhtJP77OR3pcRvQIYi4z3e8H_ge-odfItnPzHNQ==
x-amz-cf-pop
AMS1-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
favicon.ico
dsvw7i2ufebz4.cloudfront.net/ 		66 KB
66 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dsvw7i2ufebz4.cloudfront.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:1200:1e:ffde:c800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27aa96ed08cd7e86f2a77ac5dde02c46b8bdf4462549adb3663b8e4608ace348

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dsvw7i2ufebz4.cloudfront.net//wba//
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:20:56 GMT
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified
Thu, 22 Feb 2024 06:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
35384
x-amz-server-side-encryption
AES256
etag
"5819205c1cdd391545f0c32137faaab8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/x-icon
accept-ranges
bytes
content-length
67646
x-amz-cf-id
URA0Qkm0VmmGkqe5r3gjSRT6a3SYZs9E90mci5LpLuap5-2tfmFRig==

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage object| webpackChunkStripeJSouter function| noop function| Stripe object| dataLayer function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal

8 Cookies

Domain/Path Name / Value
.dsvw7i2ufebz4.cloudfront.net/ Name: _gcl_au
Value: 1.1.498614396.1718400055
.dsvw7i2ufebz4.cloudfront.net/ Name: _ga_EH1WKZMPQW
Value: GS1.1.1718400055.1.0.1718400055.0.0.0
.dsvw7i2ufebz4.cloudfront.net/ Name: _ga
Value: GA1.1.612047647.1718400055
.dsvw7i2ufebz4.cloudfront.net/ Name: _fbp
Value: fb.2.1718400055554.7204199056828537
m.stripe.com/ Name: m
Value: a23f3dbb-ff2a-4656-bffa-1591fb7fa56a62cfa9
.dsvw7i2ufebz4.cloudfront.net/ Name: __stripe_mid
Value: 1f41ecee-ca66-4ea9-904d-f98c898f3f999a1f19
.dsvw7i2ufebz4.cloudfront.net/ Name: __stripe_sid
Value: 029ad400-f469-46dd-8850-2b70410bfa27dcdf28
api.hcaptcha.com/ Name: hmt_id
Value: 08d75620-efd0-4faf-af8a-427e63825810

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.transgender.org
connect.facebook.net
dsvw7i2ufebz4.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
region1.google-analytics.com
www.facebook.com
www.googletagmanager.com
www.transgender.org
2001:4860:4802:32::36
2600:9000:275d:1200:1e:ffde:c800:93a1
2606:4700:10::6816:14a0
2606:4700:10::6816:15a0
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:830::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
65.9.86.110
65.9.86.42
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
212cab2c8f18589ea483920adea5f5d180ab007a4140ad723d931dae89d876e5
224fd9863e0209f64f9b17d1525cf0c17528d092de553ca676cce74202de0e80
27aa96ed08cd7e86f2a77ac5dde02c46b8bdf4462549adb3663b8e4608ace348
4168697c93f3170d7cbbb19e8a9517f23ae582b1f0b7296861ed97105f7f98e1
5bbaee37c942714903d681e183b4b5b8745b05ec30e34d148d1d857edf0b2c4d
6a0706e0b4b15240981b65d94d823313dc2764cf7fbc91310b5b14ab8948ee43
6b294dda21183adddd03ba5a4fbcbce595ed0f2cc22ccc279219171bb036e698
6b82de5790a6b620687e2938b5fd7cc725485d90fe2df14ec43ffbb6369395d0
6e7493efa07530063bfcb93c66723a0a295dd43ed19c11c9236cffe2b121c8ef
7453126d068233d49a4fa6eb56124636c4f13268b74c829c4bafe52a28532329
79ffb10c4f468e080b21354c5af24dd912d93c805ca1e17f15a60306de5b15ce
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
8f0b88442cbc443c2f9b92c354c248425aefca184b0fcc8e8e6b794d1fe5514c
9a39159149117275bf6b41aaaa086bcb593109f1371f5a1ff58a99209ea508c8
a73a8a32f646f01b569232743c999c1f8930d4c095e2e0630be1824d785968a0
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bc9b29c60a41f21f9d06118d490de5fa32377c2090403965c0aa822e62a9b0f8
c03406eaa6fd16bc213b960264cdf07e9502d48666d818345cb7555e3856a9b2
c247272d2a26fe35dd9b5292a5b0881e79954f43f67bf92a563f59d8011e5a64
ca2cfd036c5e09c827813ecf5d1af0aae614fa59a3a7fa6bceb5f549168ec098
cd580eb4a53f0e3009ff27c4afd31a4b46f2137b226440353b48d26bf00cc37a
d88474514adad1751cb3321a8f51efb2f338c4c79007c633d0eb459ab2a6b00e
e1197817d0b29b5895ba179b45635778bcba2cc4021909878cc2b46453a16690
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41a53a7a283f1b49d753fb94b11b7aa3e7701f5c51502370700db411b309a30
ee59a902be660093d474e64814cdd92d526da4b183867b3a0985456efccbc887