Submitted URL: http://detexify.kirelabs.org/
Effective URL: http://detexify.kirelabs.org/classify.html
Submission: On November 20 via api from US — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 53 HTTP transactions. The main IP is 52.202.168.65, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is detexify.kirelabs.org.
This is the only time detexify.kirelabs.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
16 gumroad.com
gumroad.com — Cisco Umbrella Rank: 67581
assets.gumroad.com — Cisco Umbrella Rank: 96214
app.gumroad.com — Cisco Umbrella Rank: 130797
1 MB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
229 KB
8 kirelabs.org
detexify.kirelabs.org
605 KB
4 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2612
4 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
6 KB
3 flattr.com
api.flattr.com — Cisco Umbrella Rank: 529893
button.flattr.com — Cisco Umbrella Rank: 474566
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
2 gttp.co
gttp.co
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 899
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
82 KB
1 gstatic.com
fonts.gstatic.com
48 KB
53 13
Domain Requested by
13 assets.gumroad.com detexify.kirelabs.org
gumroad.com
assets.gumroad.com
app.gumroad.com
8 detexify.kirelabs.org 1 redirects detexify.kirelabs.org
gumroad.com
6 pagead2.googlesyndication.com detexify.kirelabs.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 www.paypalobjects.com detexify.kirelabs.org
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 app.gumroad.com assets.gumroad.com
app.gumroad.com
static.cloudflareinsights.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 api.flattr.com 2 redirects
2 www.google-analytics.com detexify.kirelabs.org
www.google-analytics.com
2 fonts.googleapis.com detexify.kirelabs.org
2 gttp.co detexify.kirelabs.org
1 www.google.com tpc.googlesyndication.com
1 static.cloudflareinsights.com app.gumroad.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 button.flattr.com detexify.kirelabs.org
1 fonts.gstatic.com fonts.googleapis.com
1 gumroad.com detexify.kirelabs.org
53 19
Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2023-10-12 -
2024-10-31
a year crt.sh
gumroad.com
E1
2023-10-28 -
2024-01-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh

This page contains 6 frames:

Primary Page: http://detexify.kirelabs.org/classify.html
Frame ID: E71EDCF064988E409D9A47A37D9A847B
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7217292717360456&output=html&h=50&slotname=2804888725&adk=3049951324&adf=3076384377&pi=t.ma~as.2804888725&w=320&lmt=1585690282&format=320x50&url=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ea=0&wgl=1&dt=1700491295476&bpp=4&bdt=877&idt=432&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&correlator=4655458872957&frm=20&pv=2&ga_vid=1658553127.1700491296&ga_sid=1700491296&ga_hid=1229065899&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C31079629%2C42532600%2C44795922%2C44809004%2C44809317%2C31078301%2C31079698%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1054551418885316&tmod=936479947&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=1024&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=494
Frame ID: C71C6B7AE41750A52466E064B6A1731D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7217292717360456&output=html&adk=1812271804&adf=3025194257&lmt=1585690282&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C500x675_r&format=0x0&url=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&dt=1700491295480&bpp=2&bdt=881&idt=504&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&nras=1&correlator=4655458872957&frm=20&pv=1&ga_vid=1658553127.1700491296&ga_sid=1700491296&ga_hid=1229065899&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C31079629%2C42532600%2C44795922%2C44809004%2C44809317%2C31078301%2C31079698%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1054551418885316&tmod=936479947&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=557
Frame ID: 0300C4B4E60D81A236B030E4488E61F3
Requests: 1 HTTP requests in this frame

Frame: https://app.gumroad.com/cart_items_count
Frame ID: A91E6212866DF660835703355078C2BD
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AA527C6395CD1D54E298FE1A0831E935
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C87141F392A5ED93E5C691BDB28010D7
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Detexify LaTeX handwritten symbol recognition

Page URL History Show full URLs

  1. http://detexify.kirelabs.org/ HTTP 302
    http://detexify.kirelabs.org/classify.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Checkout

Overall confidence: 100%
Detected patterns
  • <input[^>]+_s-xclick
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

53
Requests

68 %
HTTPS

88 %
IPv6

13
Domains

19
Subdomains

17
IPs

3
Countries

2034 kB
Transfer

6516 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://detexify.kirelabs.org/ HTTP 302
    http://detexify.kirelabs.org/classify.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 20
  • http://api.flattr.com/js/0.5.0/load.js?mode=auto HTTP 301
  • https://api.flattr.com/js/0.5.0/load.js?mode=auto HTTP 301
  • https://button.flattr.com/loader.js?mode=auto

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request classify.html
detexify.kirelabs.org/
Redirect Chain
  • http://detexify.kirelabs.org/
  • http://detexify.kirelabs.org/classify.html
9 KB
10 KB
Document
General
Full URL
http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
thin /
Resource Hash
72112388fedc8d52c9056e2b947553d7e5b1bb79a78a936be2465ab20fbffbba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
9579
Content-Type
text/html
Date
Mon, 20 Nov 2023 14:41:33 GMT
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700491294&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=yeHrUmYCC8Rsv9VXaMaKFHUp%2BAYtkT%2F0wdqVYRGutkw%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700491294&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=yeHrUmYCC8Rsv9VXaMaKFHUp%2BAYtkT%2F0wdqVYRGutkw%3D
Server
thin
Via
1.1 vegur

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html;charset=utf-8
Date
Mon, 20 Nov 2023 14:41:33 GMT
Location
http://detexify.kirelabs.org/classify.html
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700491294&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=yeHrUmYCC8Rsv9VXaMaKFHUp%2BAYtkT%2F0wdqVYRGutkw%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700491294&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=yeHrUmYCC8Rsv9VXaMaKFHUp%2BAYtkT%2F0wdqVYRGutkw%3D
Server
thin
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
style-211700fe.css
detexify.kirelabs.org/stylesheets/
181 KB
182 KB
Stylesheet
General
Full URL
http://detexify.kirelabs.org/stylesheets/style-211700fe.css
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
thin /
Resource Hash
8683569e70ba56fe875c851c0644f88f4addbe753e299a710abc81f965052f71

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/classify.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 14:41:34 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Server
thin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700491294&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=yeHrUmYCC8Rsv9VXaMaKFHUp%2BAYtkT%2F0wdqVYRGutkw%3D"}]}
Content-Type
text/css
Connection
keep-alive
Content-Length
185202
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700491294&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=yeHrUmYCC8Rsv9VXaMaKFHUp%2BAYtkT%2F0wdqVYRGutkw%3D
shared-82878c38.js
detexify.kirelabs.org/javascripts/
155 KB
156 KB
Script
General
Full URL
http://detexify.kirelabs.org/javascripts/shared-82878c38.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
thin /
Resource Hash
c6309b8d07470d8662dfa822f4f5aabd278ae570e4907a5e44299a6f1795d26f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/classify.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 14:41:34 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Server
thin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700491294&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=yeHrUmYCC8Rsv9VXaMaKFHUp%2BAYtkT%2F0wdqVYRGutkw%3D"}]}
Content-Type
application/javascript
Connection
keep-alive
Content-Length
158683
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700491294&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=yeHrUmYCC8Rsv9VXaMaKFHUp%2BAYtkT%2F0wdqVYRGutkw%3D
classify-deb1263c.js
detexify.kirelabs.org/javascripts/
834 B
2 KB
Script
General
Full URL
http://detexify.kirelabs.org/javascripts/classify-deb1263c.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
thin /
Resource Hash
37c48d82d0ba43adc99686a5575f9c5e0887729d3f191e7b0cbdc14d201e65bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/classify.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 14:41:34 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Server
thin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700491294&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=yeHrUmYCC8Rsv9VXaMaKFHUp%2BAYtkT%2F0wdqVYRGutkw%3D"}]}
Content-Type
application/javascript
Connection
keep-alive
Content-Length
834
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700491294&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=yeHrUmYCC8Rsv9VXaMaKFHUp%2BAYtkT%2F0wdqVYRGutkw%3D
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
55 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c49c777807286f6b0703df8e7deca98556e8b4585244d766c59cd4b6c38d424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 14:41:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
55983
X-XSS-Protection
0
Server
cafe
ETag
4963158961107922523
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Mon, 20 Nov 2023 14:41:35 GMT
btn_donate_LG.gif
www.paypalobjects.com/en_GB/i/btn/
2 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/en_GB/i/btn/btn_donate_LG.gif
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D07) /
Resource Hash
4df41d841402fedbee9fb11981ccbc96eb3143097a2a1fcd741e81a6366e1a6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
e0a5cf07bccb2
dc
ccg11-origin-www-1.paypal.com
content-length
1714
last-modified
Mon, 03 Apr 2023 20:22:08 GMT
server
ECAcc (frc/4D07)
traceparent
00-0000000000000000000e0a5cf07bccb2-8e351439263e10fa-01
etag
"642b3570-6b2"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 20 Nov 2023 15:41:34 GMT
pixel.gif
www.paypalobjects.com/de_DE/i/scr/
43 B
230 B
Image
General
Full URL
https://www.paypalobjects.com/de_DE/i/scr/pixel.gif
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
13c2b544fdf07
dc
ccg11-origin-www-1.paypal.com
content-length
43
last-modified
Fri, 16 Aug 2019 04:57:26 GMT
server
ECAcc (frc/4CFA)
traceparent
00-000000000000000000013c2b544fdf07-57ebc16264b3280e-01
etag
"5d5637b6-2b"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 20 Nov 2023 15:41:35 GMT
v1.js
gttp.co/
0
0
Script
General
Full URL
http://gttp.co/v1.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bafd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

gumroad.js
gumroad.com/js/
511 B
2 KB
Script
General
Full URL
https://gumroad.com/js/gumroad.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c18c997d08765d4ef06721aeae7bc0adac6b9d968b7dc236f87c4038f856b448
Security Headers
Name Value
Content-Security-Policy default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net *.google-analytics.com *.g.doubleclick.net *.googletagmanager.com analytics.google.com *.analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com *.google-analytics.com *.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com *.jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
content-security-policy
default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net *.google-analytics.com *.g.doubleclick.net *.googletagmanager.com analytics.google.com *.analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com *.google-analytics.com *.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com *.jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
x-revision
c079831f9250
x-xss-protection
1; mode=block
x-request-id
c5ecdcaa-9aed-438d-b1dd-c23428ffda39
x-runtime
0.002975
server
cloudflare
etag
W/"c18c997d08765d4ef06721aeae7bc0ad"
x-download-options
noopen
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=3600
cf-ray
82917461ab7e91d8-FRA
link
<https://assets.gumroad.com/packs/css/overlay-d3c67aa3.css>; rel=preload; as=style; nopush
x-gr
PROD
expires
Mon, 20 Nov 2023 15:41:35 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/stylesheets/style-211700fe.css
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96c92b0bad6a0f1db2f7cda2ff0cb2435cbf68e885aaeb05fea17d8770ec7063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 14:41:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Mon, 20 Nov 2023 14:41:21 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Mon, 20 Nov 2023 14:41:35 GMT
draw_here-fb29231f.png
detexify.kirelabs.org/images/
8 KB
8 KB
Image
General
Full URL
http://detexify.kirelabs.org/images/draw_here-fb29231f.png
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/stylesheets/style-211700fe.css
Protocol
HTTP/1.1
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
thin /
Resource Hash
3b2286e41fb8ddb39d9e34d94255edc34e4d209e23291abf5bcdc17c59df4580

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/stylesheets/style-211700fe.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 14:41:34 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Server
thin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700491295&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=EDUAa67Yfo4E3GjYhbujK3IVapMGrpmvKuClWfF%2FEqw%3D"}]}
Content-Type
image/png
Connection
keep-alive
Content-Length
7862
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700491295&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=EDUAa67Yfo4E3GjYhbujK3IVapMGrpmvKuClWfF%2FEqw%3D
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
http://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://detexify.kirelabs.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 05:51:15 GMT
X-Content-Type-Options
nosniff
Age
204620
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
48432
X-XSS-Protection
0
Last-Modified
Thu, 14 Sep 2023 00:40:31 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 17 Nov 2024 05:51:15 GMT
fontawesome-webfont-638c652d.woff2
detexify.kirelabs.org/fonts/font-awesome/
65 KB
66 KB
Font
General
Full URL
http://detexify.kirelabs.org/fonts/font-awesome/fontawesome-webfont-638c652d.woff2?v=4.5.0
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/stylesheets/style-211700fe.css
Protocol
HTTP/1.1
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
thin /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
http://detexify.kirelabs.org/stylesheets/style-211700fe.css
Origin
http://detexify.kirelabs.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 14:41:34 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Server
thin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700491295&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=EDUAa67Yfo4E3GjYhbujK3IVapMGrpmvKuClWfF%2FEqw%3D"}]}
Content-Type
application/font-woff2
Connection
keep-alive
Content-Length
66624
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700491295&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=EDUAa67Yfo4E3GjYhbujK3IVapMGrpmvKuClWfF%2FEqw%3D
overlay-d3c67aa3.css
assets.gumroad.com/packs/css/
38 KB
9 KB
Stylesheet
General
Full URL
https://assets.gumroad.com/packs/css/overlay-d3c67aa3.css
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc77eca18d169fa3d02007c51bc5e22c63652623a8caa5f84910035060049bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:35 GMT
via
1.1 a7344d90b7d239a5cade41d3c7a65914.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SFO53-P5
age
812307
cf-polished
origSize=39452
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Fri, 10 Nov 2023 06:54:04 GMT
server
cloudflare
etag
W/"380aa54e5753c6e7583829cb86f25b98"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
82917463cdf791d8-FRA
x-amz-cf-id
Gjj6Df6HLLDyySryJ3jfeEpZRCOdONVwzD3c2c8W_Y0zhLK5MQ792Q==
expires
Tue, 19 Nov 2024 14:41:35 GMT
overlay-902617c9f13ff823507a.js
assets.gumroad.com/packs/js/
6 KB
3 KB
Script
General
Full URL
https://assets.gumroad.com/packs/js/overlay-902617c9f13ff823507a.js
Requested by
Host: gumroad.com
URL: https://gumroad.com/js/gumroad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf353c7fe4f18193b2d7e76287d8618085e0d5e7485baf93a07f28dcf0db063f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:35 GMT
via
1.1 0a60df055acf18164b14661cb4d16952.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SFO53-P5
age
566190
cf-polished
origSize=6670
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 02:36:00 GMT
server
cloudflare
etag
W/"f9fef2bbcd0a738063299a716f10d388"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
82917463cdf991d8-FRA
x-amz-cf-id
DSuIUFUtGToARGEIq3ajcel6rc74aLxSwM1rRHd6Pk9v4zgU8_0pyA==
expires
Tue, 19 Nov 2024 14:41:35 GMT
style-211700fe.css
detexify.kirelabs.org/stylesheets/
181 KB
182 KB
Stylesheet
General
Full URL
http://detexify.kirelabs.org/stylesheets/style-211700fe.css
Requested by
Host: gumroad.com
URL: https://gumroad.com/js/gumroad.js
Protocol
HTTP/1.1
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
thin /
Resource Hash
8683569e70ba56fe875c851c0644f88f4addbe753e299a710abc81f965052f71

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/classify.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 14:41:34 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Last-Modified
Tue, 31 Mar 2020 21:31:22 GMT
Server
thin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700491295&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=EDUAa67Yfo4E3GjYhbujK3IVapMGrpmvKuClWfF%2FEqw%3D"}]}
Content-Type
text/css
Connection
keep-alive
Content-Length
185202
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1700491295&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=EDUAa67Yfo4E3GjYhbujK3IVapMGrpmvKuClWfF%2FEqw%3D
btn_donate_LG.gif
www.paypalobjects.com/en_GB/i/btn/
2 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/en_GB/i/btn/btn_donate_LG.gif
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D07) /
Resource Hash
4df41d841402fedbee9fb11981ccbc96eb3143097a2a1fcd741e81a6366e1a6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
e0a5cf07bccb2
dc
ccg11-origin-www-1.paypal.com
content-length
1714
last-modified
Mon, 03 Apr 2023 20:22:08 GMT
server
ECAcc (frc/4D07)
traceparent
00-0000000000000000000e0a5cf07bccb2-8e351439263e10fa-01
etag
"642b3570-6b2"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 20 Nov 2023 15:41:35 GMT
pixel.gif
www.paypalobjects.com/de_DE/i/scr/
43 B
95 B
Image
General
Full URL
https://www.paypalobjects.com/de_DE/i/scr/pixel.gif
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
13c2b544fdf07
dc
ccg11-origin-www-1.paypal.com
content-length
43
last-modified
Fri, 16 Aug 2019 04:57:26 GMT
server
ECAcc (frc/4CFA)
traceparent
00-000000000000000000013c2b544fdf07-57ebc16264b3280e-01
etag
"5d5637b6-2b"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 20 Nov 2023 15:41:35 GMT
v1.js
gttp.co/
0
0
Script
General
Full URL
http://gttp.co/v1.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:bafd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

19db990205089207b039.woff2
assets.gumroad.com/packs/static/
66 KB
66 KB
Font
General
Full URL
https://assets.gumroad.com/packs/static/19db990205089207b039.woff2
Requested by
Host: assets.gumroad.com
URL: https://assets.gumroad.com/packs/css/overlay-d3c67aa3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da3a4a9ffefbd4c563fc28b1cb72a6b2cec089285f571e6c682e35a825d1ff76

Request headers

Referer
https://assets.gumroad.com/packs/css/overlay-d3c67aa3.css
Origin
http://detexify.kirelabs.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:35 GMT
via
1.1 d6e11dc2ec6f45889d724685e5a0e930.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD51-C2
age
1064040
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
67176
last-modified
Tue, 18 Apr 2023 22:32:08 GMT
server
cloudflare
etag
"d64a48ba0b9752af91d3858d8a95d2ec"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag, Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
public, max-age=31536000
vary
Origin, Accept-Encoding
accept-ranges
bytes
cf-ray
829174644ea935fe-FRA
x-amz-cf-id
PBfoRZ-JuPPv9DSvtizHFGQNFrW6NHp1dhZFKZ_azP3-bRO7rmHIiA==
expires
Tue, 19 Nov 2024 14:41:35 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 20 Nov 2023 13:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3117
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 20 Nov 2023 15:49:38 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
loader.js
button.flattr.com/
Redirect Chain
  • http://api.flattr.com/js/0.5.0/load.js?mode=auto
  • https://api.flattr.com/js/0.5.0/load.js?mode=auto
  • https://button.flattr.com/loader.js?mode=auto
0
0
Script
General
Full URL
https://button.flattr.com/loader.js?mode=auto
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/classify.html
Protocol
H2
Server
2606:4700:20::681a:bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Mon, 20 Nov 2023 14:41:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
497
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FMzW4AFT9w44wI8xjTo5n9SYyd9ZsQrGn8fAMQG18xXaxcHtn%2FgF90v4yypUwKaqIgJTwy9%2F7oE1JFv3OKZpPrV3%2FYWdOPcUAU%2Fu5vY8eUDbilpj%2F8anQYDEgCiNcW%2BBrWyk%2Fc5CJ863q%2FT"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://button.flattr.com/loader.js?mode=auto
cf-ray
8291746538639bb3-FRA
alt-svc
h3=":443"; ma=86400
content-length
178
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/
397 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7217292717360456&plah=detexify.kirelabs.org&bust=31079698
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79270341b1a108f09e07655f636e7012321755f7f96aee6aab38a4f8d780c3dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137192
x-xss-protection
0
server
cafe
etag
17548683916054026601
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 14:41:35 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: detexify.kirelabs.org
URL: http://detexify.kirelabs.org/stylesheets/style-211700fe.css
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96c92b0bad6a0f1db2f7cda2ff0cb2435cbf68e885aaeb05fea17d8770ec7063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 14:41:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Mon, 20 Nov 2023 14:41:35 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Mon, 20 Nov 2023 14:41:35 GMT
collect
www.google-analytics.com/j/
16 B
226 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1229065899&t=pageview&_s=1&dl=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ul=en-us&de=UTF-8&dt=Detexify%20LaTeX%20handwritten%20symbol%20recognition&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1809291172&gjid=238016857&cid=1658553127.1700491296&tid=UA-8668142-3&_gid=2120544509.1700491296&_r=1&_slc=1&z=606273177
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9099aeba23edeb9b363856abf07dad409c2319ddc624551d990455573b7b5ac6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://detexify.kirelabs.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 14:41:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://detexify.kirelabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
350 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8668142-3&cid=1658553127.1700491296&jid=1809291172&gjid=238016857&_gid=2120544509.1700491296&_u=IEBAAEAAAAAAACAAI~&z=861761965
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://detexify.kirelabs.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 20 Nov 2023 14:41:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://detexify.kirelabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
230 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P837L6ZG89&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e9efbfac0ed1e10a0e2359650ff3a1dfe2867f5a9663b124f3b0d78fac1b5db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 14:41:35 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C71C
719 B
526 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7217292717360456&output=html&h=50&slotname=2804888725&adk=3049951324&adf=3076384377&pi=t.ma~as.2804888725&w=320&lmt=1585690282&format=320x50&url=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ea=0&wgl=1&dt=1700491295476&bpp=4&bdt=877&idt=432&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&correlator=4655458872957&frm=20&pv=2&ga_vid=1658553127.1700491296&ga_sid=1700491296&ga_hid=1229065899&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C31079629%2C42532600%2C44795922%2C44809004%2C44809317%2C31078301%2C31079698%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1054551418885316&tmod=936479947&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=1024&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=494
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7217292717360456&plah=detexify.kirelabs.org&bust=31079698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebc32695dce5e1b809b085dbb532aa7f6150ba5389760180a63505e18eedecc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://detexify.kirelabs.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
353
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 14:41:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0300
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7217292717360456&output=html&adk=1812271804&adf=3025194257&lmt=1585690282&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C500x675_r&format=0x0&url=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&dt=1700491295480&bpp=2&bdt=881&idt=504&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&nras=1&correlator=4655458872957&frm=20&pv=1&ga_vid=1658553127.1700491296&ga_sid=1700491296&ga_hid=1229065899&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C31079629%2C42532600%2C44795922%2C44809004%2C44809317%2C31078301%2C31079698%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1054551418885316&tmod=936479947&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=557
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7217292717360456&plah=detexify.kirelabs.org&bust=31079698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff3d0c4d00494bed52c5bb4c1d140fc03865da2ebe02aaa4e8071aa89c661280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://detexify.kirelabs.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
4520
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 14:41:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P837L6ZG89&gtm=45je3b81v9134576085&_p=1700491295737&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1658553127.1700491296&ir=1&_eu=EBAI&_s=1&dl=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&dt=Detexify%20LaTeX%20handwritten%20symbol%20recognition&sid=1700491296&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1971
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P837L6ZG89&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 14:41:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://detexify.kirelabs.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cart_items_count
app.gumroad.com/ Frame A91E
6 KB
4 KB
Document
General
Full URL
https://app.gumroad.com/cart_items_count
Requested by
Host: assets.gumroad.com
URL: https://assets.gumroad.com/packs/js/overlay-902617c9f13ff823507a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d09c6ed0bda12463f4bafb522dfac29d0a486df75ead559f8b45f8e2097daa
Security Headers
Name Value
Content-Security-Policy default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net *.google-analytics.com *.g.doubleclick.net *.googletagmanager.com analytics.google.com *.analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com *.google-analytics.com *.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com *.jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com 'nonce-Ggh1bzPhdic8tf3mdMf6hIeUC26+x+lim9NaRjmJDV0=' 'unsafe-inline'; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://detexify.kirelabs.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8291746afc2991d8-FRA
content-encoding
br
content-security-policy
default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net *.google-analytics.com *.g.doubleclick.net *.googletagmanager.com analytics.google.com *.analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com *.google-analytics.com *.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com *.jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com 'nonce-Ggh1bzPhdic8tf3mdMf6hIeUC26+x+lim9NaRjmJDV0=' 'unsafe-inline'; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 14:41:36 GMT
link
<https://assets.gumroad.com/packs/css/design-b65b94a3.css>; rel=preload; as=style; crossorigin=anonymous; nopush,<https://assets.gumroad.com/assets/application-cbf244e9109e70d7b04497041636f00173a1e588f9b879b3a3ef11f8dfb86e5c.js>; rel=preload; as=script; nopush,<https://assets.gumroad.com/assets/i18n/en-4c5c447d72165bc00d58f423889c09f17065c16375655f0e6bf99d16ee1fe7ce.js>; rel=preload; as=script; nopush,<https://assets.gumroad.com/assets/i18n/de-4b11a74e8b22295a156f94e3ee27d6763a4089dd44a1a8b0c6d1fdc8191de2cf.js>; rel=preload; as=script; nopush
server
cloudflare
strict-transport-security
max-age=31536000
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-gr
PROD
x-permitted-cross-domain-policies
none
x-request-id
6d914971-dfa7-4650-85a9-d4aac947daf0
x-revision
c079831f9250
x-runtime
0.006994
x-xss-protection
1; mode=block
design-b65b94a3.css
assets.gumroad.com/packs/css/
397 KB
61 KB
Stylesheet
General
Full URL
https://assets.gumroad.com/packs/css/design-b65b94a3.css
Requested by
Host: assets.gumroad.com
URL: https://assets.gumroad.com/packs/js/overlay-902617c9f13ff823507a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbfa93a99236942e1885e9a807369e2cb73f5bca51f2dc58df66edea2b1bc5d

Request headers

Referer
http://detexify.kirelabs.org/
Origin
http://detexify.kirelabs.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
via
1.1 0a4b38fa4b7e435c9572519905d42268.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
AMS58-P1
age
245643
cf-polished
origSize=424777
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 17:52:49 GMT
server
cloudflare
etag
W/"9d04214476285259534dba7a4c736b89"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag, Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
public, max-age=31536000
vary
Origin, Accept-Encoding
cf-ray
8291746acde235fe-FRA
x-amz-cf-id
UVupGdebzpCh5kZOKw4bU0Ih8Yj6SznUq0dRfBx4jX-z2pQlb-UXqg==
expires
Tue, 19 Nov 2024 14:41:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7217292717360456&plah=detexify.kirelabs.org&bust=31079698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d249db9345e80a40f4681735a6c99f7e03e0f0ccb28de2de02a2389bb9d7b301
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12174
x-xss-protection
0
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2065258c5093f1e788ba7c67392446216e7280565a620edafc1badb0e0a1d229

Request headers

Referer
Origin
http://detexify.kirelabs.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
design-b65b94a3.css
assets.gumroad.com/packs/css/ Frame A91E
397 KB
61 KB
Stylesheet
General
Full URL
https://assets.gumroad.com/packs/css/design-b65b94a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbfa93a99236942e1885e9a807369e2cb73f5bca51f2dc58df66edea2b1bc5d

Request headers

Referer
https://app.gumroad.com/
Origin
https://app.gumroad.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
via
1.1 592fdb72142153f4ac204b48e22d9036.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
LIS50-C1
age
246101
cf-polished
origSize=424777
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 17:52:49 GMT
server
cloudflare
etag
W/"9d04214476285259534dba7a4c736b89"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag, Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
public, max-age=31536000
vary
Origin, Accept-Encoding
cf-ray
8291746bef1835fe-FRA
x-amz-cf-id
lBNTU7KCRZ9KiRjpDxdc41juxTLhUyZucPFB8kDkRZUGN1Uwj-Ozhw==
expires
Tue, 19 Nov 2024 14:41:36 GMT
application-cbf244e9109e70d7b04497041636f00173a1e588f9b879b3a3ef11f8dfb86e5c.js
assets.gumroad.com/assets/ Frame A91E
106 KB
38 KB
Script
General
Full URL
https://assets.gumroad.com/assets/application-cbf244e9109e70d7b04497041636f00173a1e588f9b879b3a3ef11f8dfb86e5c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dce389757d0e9cebc13ab01e21a987b51032bf51535b2a11289eef11517c2bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
via
1.1 60e55687f4f0ad988a569a499b543a0e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SFO53-P5
age
1082648
cf-polished
origSize=108231
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Tue, 24 Oct 2023 03:26:46 GMT
server
cloudflare
etag
W/"3a0bda30ac6db6c82afddd80c7aec986"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8291746bed2291d8-FRA
x-amz-cf-id
iPY5d4m7Q-P0bg3maL7TetyLUsYscNv6a3bhLRFZ496xMxiNvhsUtw==
expires
Tue, 19 Nov 2024 14:41:36 GMT
en-4c5c447d72165bc00d58f423889c09f17065c16375655f0e6bf99d16ee1fe7ce.js
assets.gumroad.com/assets/i18n/ Frame A91E
358 KB
103 KB
Script
General
Full URL
https://assets.gumroad.com/assets/i18n/en-4c5c447d72165bc00d58f423889c09f17065c16375655f0e6bf99d16ee1fe7ce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d0d21b5027cf77abb4990f042d024fd2a66afba02513159293b16c9955aa4b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
via
1.1 a27ed8d6378690064461588aa8a785d2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
TPA52-P2
age
5863
cf-polished
origSize=366327
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 20 Nov 2023 10:19:30 GMT
server
cloudflare
etag
W/"c47076f157fe0fe53ca5d52c979d2140"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8291746bed2491d8-FRA
x-amz-cf-id
hwP0m2wXxi7UOyMWylK3JSWxJvcGRdIKaAFsoF1dHfcZHOraioj3dQ==
expires
Tue, 19 Nov 2024 14:41:36 GMT
de-4b11a74e8b22295a156f94e3ee27d6763a4089dd44a1a8b0c6d1fdc8191de2cf.js
assets.gumroad.com/assets/i18n/ Frame A91E
354 KB
103 KB
Script
General
Full URL
https://assets.gumroad.com/assets/i18n/de-4b11a74e8b22295a156f94e3ee27d6763a4089dd44a1a8b0c6d1fdc8191de2cf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6671e9a982ac04cc42d08c643b83a043d2d567844a6b9280c2116b001ddd5528

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
via
1.1 818fd5af033e15165f0e7cde0c631ba6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
DUS51-P3
age
5860
cf-polished
origSize=362114
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 20 Nov 2023 10:19:24 GMT
server
cloudflare
etag
W/"4c425e80f7bf9c49820c34c5156932de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8291746bed2591d8-FRA
x-amz-cf-id
orD_uwI7mJiWo-dfxejXsjqgJQTgEl6P2SnGSqJwOPIFtb4qF06NRQ==
expires
Tue, 19 Nov 2024 14:41:36 GMT
rocket-loader.min.js
app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame A91E
12 KB
4 KB
Script
General
Full URL
https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cart_items_count
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.gumroad.com/cart_items_count
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
server
cloudflare
etag
W/"65568fe4-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8291746bfd3591d8-FRA
expires
Wed, 22 Nov 2023 14:41:36 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame A91E
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cart_items_count
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://app.gumroad.com/
Origin
https://app.gumroad.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8291746c4bc62c4e-FRA
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7217292717360456&plah=detexify.kirelabs.org&bust=31079698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Nov 2023 14:41:36 GMT
product-0653bf940519607580c5.js
assets.gumroad.com/packs/js/ Frame A91E
25 KB
5 KB
Script
General
Full URL
https://assets.gumroad.com/packs/js/product-0653bf940519607580c5.js
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d66754b4e1f2a6c6a8ab1d5deec0ac61c5b5cb60f93a32411b8cc407b62920

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
via
1.1 f42ffbcae499c78a2420149a88d4dd98.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
ATL52-C1
age
5861
cf-polished
origSize=25261
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 20 Nov 2023 10:21:58 GMT
server
cloudflare
etag
W/"77ed662b0b73d0c47c7971f9816a0bb2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8291746caddd91d8-FRA
x-amz-cf-id
Gn7Tq4Eq7ke_G0ZVQtCdLDYGgW0AAohV3g-vPfYYSzvZD7SfoDj_HA==
expires
Tue, 19 Nov 2024 14:41:36 GMT
3311-30b7866b24ce441e95d9.js
assets.gumroad.com/packs/js/ Frame A91E
96 KB
35 KB
Script
General
Full URL
https://assets.gumroad.com/packs/js/3311-30b7866b24ce441e95d9.js
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06aabfc4207191ce48bfb6faa97f1678cb8395455d001f6d546bf4e58f2d335e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
via
1.1 a686e72b9757a599d684131328e4a952.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
ATL52-C1
age
5861
cf-polished
origSize=98305
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 20 Nov 2023 12:02:38 GMT
server
cloudflare
etag
W/"73e6438e971bebc81c1f3f757f020f65"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8291746caddf91d8-FRA
x-amz-cf-id
6ORdomN-_-bOHmboWKCqddHZuzCg4GkOdtbcNA5rn4sQpjG0T77u4w==
expires
Tue, 19 Nov 2024 14:41:36 GMT
webpack-commons-f65d819a411a7ce746cc.js
assets.gumroad.com/packs/js/ Frame A91E
1 MB
0
Script
General
Full URL
https://assets.gumroad.com/packs/js/webpack-commons-f65d819a411a7ce746cc.js
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
via
1.1 6503a4af08a1126fe0f20f95c7ca4d6a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
ATL52-C1
age
5863
cf-polished
origSize=1941664
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 20 Nov 2023 12:04:37 GMT
server
cloudflare
etag
W/"d7a6aaa0430500bafddbb10e08ebdc75"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8291746cade191d8-FRA
x-amz-cf-id
5sWGDbgGZTxZdanxkLY96Ygry76jmxH0u9LJvz2aZ0d0EDvSAQgTWw==
expires
Tue, 19 Nov 2024 14:41:36 GMT
webpack-runtime-315e536ac0a1b1708962.js
assets.gumroad.com/packs/js/ Frame A91E
4 KB
2 KB
Script
General
Full URL
https://assets.gumroad.com/packs/js/webpack-runtime-315e536ac0a1b1708962.js
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba3980c1c92553aad436a0769747d1ec93cc90b3c1946286d1eab696bf1b9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
via
1.1 f859b61d83a10a92ae1fdd4b4f56d598.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
TLV50-C1
age
401729
cf-polished
origSize=4567
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 22:44:05 GMT
server
cloudflare
etag
W/"06a74cca18ea4270bd5f32a454716e39"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8291746cade391d8-FRA
x-amz-cf-id
U_N-Ei0-S_ZsdI47VsEZYDXzRCc7YZOQuvka5jYeoZ2-JY2mwujRFg==
expires
Tue, 19 Nov 2024 14:41:36 GMT
webpack-commons-f65d819a411a7ce746cc.js
assets.gumroad.com/packs/js/ Frame A91E
2 MB
534 KB
Script
General
Full URL
https://assets.gumroad.com/packs/js/webpack-commons-f65d819a411a7ce746cc.js
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae24e5dc9a8e82bf19e3f9731bf13b3fccef3042e7cd522d9cfad56c38ec269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:36 GMT
via
1.1 6503a4af08a1126fe0f20f95c7ca4d6a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
ATL52-C1
age
5863
cf-polished
origSize=1941664
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 20 Nov 2023 12:04:37 GMT
server
cloudflare
etag
W/"d7a6aaa0430500bafddbb10e08ebdc75"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8291746d6e9d91d8-FRA
x-amz-cf-id
5sWGDbgGZTxZdanxkLY96Ygry76jmxH0u9LJvz2aZ0d0EDvSAQgTWw==
expires
Tue, 19 Nov 2024 14:41:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AA52
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://detexify.kirelabs.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5703
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 13:06:34 GMT
expires
Tue, 19 Nov 2024 13:06:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C871
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e59ec8d2162c6582841d48ae22fea75245200662d96940af99f3295c95ac887c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YQep9ZAqZ1CRl454Q18dkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://detexify.kirelabs.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YQep9ZAqZ1CRl454Q18dkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 14:41:37 GMT
expires
Mon, 20 Nov 2023 14:41:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
app.gumroad.com/cdn-cgi/ Frame A91E
0
0

rum
app.gumroad.com/cdn-cgi/ Frame A91E
0
0

truncated
/
619 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97c81e535043773b88b91fda8c3d8c910c248cb72cfd6f5824880e255f9315ce

Request headers

Referer
Origin
http://detexify.kirelabs.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar
pagead2.googlesyndication.com/pagead/ Frame C871
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1054551418885316&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame AA52
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 13:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
5704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 13:06:33 GMT
generate_204
tpc.googlesyndication.com/ Frame AA52
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?gd_Hvw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:41:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1054551418885316&bg=!2Nul25TNAAZxrfrxUa07ADQBe5WfOOKjYw-n3nUQXnCxpVeTGl3Rt4RhiRfBhSIvAqK66bNQp9xXmPa2AskHqRgRT0rSAgAAAOxSAAAABmgBB5kCu4Gj2JnBYdOA1yv-QHIoi1sC2sSaEy6Cv1LqQw-7LZmg9cZrPii6pfEGz-fIWWxjbkegNF956SFAO9T5--OiMbwvt2IIdOunXKDxGaHKnmvUamdtQ6KhJWdq920ve6Vt8ifFAEDjnNBwTLJ2ZDxd4j0ZzWoN3-3pX1jKHplqQ8yGPhzh8WBxfz-WdvYfPsw1_YkHU1NCeNVpU7Tlk69CNOZkqxNXjTQy5dOVRtWvH10hfXlLX4zAk76Vig1Cm9eYj_7MgbSmaq9AxB-AWG144NqQBKKNnGFrHyn4dSphIKB1QaUsZ0OewVRiw6qTE43hP-Oi-BEmSRqbJuUNBTMfjBP6gsRHs5nItIjR9yCYf3jaZJcvfRAAm1tTg-eeCDaxD5yo2YdiGnG-CkrrKRwWVYR3vr43dWXZUuNoqG5lvh_jeIO-TVLvPi0i8S4z0alFNFjflyJHAEaT-STgKLf_Do2YPAx_Du0A5PRv6-MrCNCv-xtVCYTqaQiV9f3lQu3I97Eop3z5hfifzur3eyyX3IeDcObc_GTxuddIX9aiE7qqs_jHLrCMAAJtJhuFsD-lBo8eQt_hi6AEZzI6q9mH8Iv4IGOeo9ZzrjWO5Lv2khaY8oJ3fYWIb48xUnAfnRJ-4Fuvz8XJD8YioArgs1tYwFQVijHPIERsENoE0ECfXSKq0iaVAgC9_n7r-u7uqJvQRJQAHP7TWnyuYRZBHYLxVbZQTWJuYs4ZPiZP6a4wROlgy1dzSGU60c6AiynDf-R7PA1Tp1oqQTr850QGBJTT9OASVw22l91nlOmEMx2oP60A4MlIZ4c4psQZcbRRPvTiQ7szi472jLz03LOMfB9W3o8wnsd05xC9brunCLN8eUUxamj8FV6qhBFftgO5XLlnK1KAy2BHWMvBULmZttfyzw4eTWPKoisKZZANLg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://detexify.kirelabs.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.gumroad.com
URL
https://app.gumroad.com/cdn-cgi/rum?
Domain
app.gumroad.com
URL
https://app.gumroad.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| Detexify function| $ function| jQuery function| Canvassified function| Raphael function| _ function| populateSymbolList object| adsbygoogle function| trackOutboundLink string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager object| googletag object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.kirelabs.org/ Name: _ga
Value: GA1.2.1658553127.1700491296
.kirelabs.org/ Name: _gid
Value: GA1.2.2120544509.1700491296
.kirelabs.org/ Name: _gat
Value: 1
.kirelabs.org/ Name: _ga_P837L6ZG89
Value: GS1.2.1700491296.1.0.1700491296.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.kirelabs.org/ Name: __gads
Value: ID=1236885106fe3ab0:T=1700491296:RT=1700491296:S=ALNI_Ma7dPRaoYjwaFmUY-9DHG0K6XvVeQ
.kirelabs.org/ Name: __gpi
Value: UID=00000ccebdc9ca73:T=1700491296:RT=1700491296:S=ALNI_MbvqoG4iPiuc217D1_dqqi82hQBMw

5 Console Messages

Source Level URL
Text
network error URL: http://gttp.co/v1.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gttp.co/v1.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://button.flattr.com/loader.js?mode=auto
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7217292717360456&output=html&adk=1812271804&adf=3025194257&lmt=1585690282&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C500x675_r&format=0x0&url=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&dt=1700491295480&bpp=2&bdt=881&idt=504&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&nras=1&correlator=4655458872957&frm=20&pv=1&ga_vid=1658553127.1700491296&ga_sid=1700491296&ga_hid=1229065899&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C31079629%2C42532600%2C44795922%2C44809004%2C44809317%2C31078301%2C31079698%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1054551418885316&tmod=936479947&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=557
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7217292717360456&output=html&h=50&slotname=2804888725&adk=3049951324&adf=3076384377&pi=t.ma~as.2804888725&w=320&lmt=1585690282&format=320x50&url=http%3A%2F%2Fdetexify.kirelabs.org%2Fclassify.html&ea=0&wgl=1&dt=1700491295476&bpp=4&bdt=877&idt=432&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&correlator=4655458872957&frm=20&pv=2&ga_vid=1658553127.1700491296&ga_sid=1700491296&ga_hid=1229065899&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=480&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079606%2C31079629%2C42532600%2C44795922%2C44809004%2C44809317%2C31078301%2C31079698%2C44807763%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1054551418885316&tmod=936479947&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=1024&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=494
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.flattr.com
app.gumroad.com
assets.gumroad.com
button.flattr.com
detexify.kirelabs.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gttp.co
gumroad.com
pagead2.googlesyndication.com
region1.google-analytics.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.paypalobjects.com
app.gumroad.com
192.229.221.25
2001:4860:4802:34::36
2606:4700:20::681a:bfb
2606:4700:20::ac43:4642
2606:4700:3032::ac43:bafd
2606:4700::6810:3965
2606:4700::6810:c119
2a00:1450:4001:802::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2003
2a00:1450:400c:c07::9a
52.202.168.65
06aabfc4207191ce48bfb6faa97f1678cb8395455d001f6d546bf4e58f2d335e
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1ba3980c1c92553aad436a0769747d1ec93cc90b3c1946286d1eab696bf1b9b5
1dce389757d0e9cebc13ab01e21a987b51032bf51535b2a11289eef11517c2bb
2065258c5093f1e788ba7c67392446216e7280565a620edafc1badb0e0a1d229
27d09c6ed0bda12463f4bafb522dfac29d0a486df75ead559f8b45f8e2097daa
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
36d66754b4e1f2a6c6a8ab1d5deec0ac61c5b5cb60f93a32411b8cc407b62920
37c48d82d0ba43adc99686a5575f9c5e0887729d3f191e7b0cbdc14d201e65bd
3b2286e41fb8ddb39d9e34d94255edc34e4d209e23291abf5bcdc17c59df4580
4ae24e5dc9a8e82bf19e3f9731bf13b3fccef3042e7cd522d9cfad56c38ec269
4df41d841402fedbee9fb11981ccbc96eb3143097a2a1fcd741e81a6366e1a6c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c49c777807286f6b0703df8e7deca98556e8b4585244d766c59cd4b6c38d424
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6671e9a982ac04cc42d08c643b83a043d2d567844a6b9280c2116b001ddd5528
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72112388fedc8d52c9056e2b947553d7e5b1bb79a78a936be2465ab20fbffbba
79270341b1a108f09e07655f636e7012321755f7f96aee6aab38a4f8d780c3dd
7dbfa93a99236942e1885e9a807369e2cb73f5bca51f2dc58df66edea2b1bc5d
8683569e70ba56fe875c851c0644f88f4addbe753e299a710abc81f965052f71
8d0d21b5027cf77abb4990f042d024fd2a66afba02513159293b16c9955aa4b5
9099aeba23edeb9b363856abf07dad409c2319ddc624551d990455573b7b5ac6
96c92b0bad6a0f1db2f7cda2ff0cb2435cbf68e885aaeb05fea17d8770ec7063
97c81e535043773b88b91fda8c3d8c910c248cb72cfd6f5824880e255f9315ce
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9e9efbfac0ed1e10a0e2359650ff3a1dfe2867f5a9663b124f3b0d78fac1b5db
c18c997d08765d4ef06721aeae7bc0adac6b9d968b7dc236f87c4038f856b448
c6309b8d07470d8662dfa822f4f5aabd278ae570e4907a5e44299a6f1795d26f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf353c7fe4f18193b2d7e76287d8618085e0d5e7485baf93a07f28dcf0db063f
d249db9345e80a40f4681735a6c99f7e03e0f0ccb28de2de02a2389bb9d7b301
da3a4a9ffefbd4c563fc28b1cb72a6b2cec089285f571e6c682e35a825d1ff76
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59ec8d2162c6582841d48ae22fea75245200662d96940af99f3295c95ac887c
ebc32695dce5e1b809b085dbb532aa7f6150ba5389760180a63505e18eedecc1
fc77eca18d169fa3d02007c51bc5e22c63652623a8caa5f84910035060049bf0
ff3d0c4d00494bed52c5bb4c1d140fc03865da2ebe02aaa4e8071aa89c661280
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995