refb.org Open in urlscan Pro
52.5.5.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://refb.org/
Effective URL:
https://refb.org/
Submission: On December 04 via manual (December 4th 2024, 12:41:55 am UTC) from US — Scanned from SE

Summary HTTP 77 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 16 domains to perform 77 HTTP transactions. The main IP is 52.5.5.85, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is refb.org.
TLS certificate: Issued by R11 on November 6th 2024. Valid for: 3 months.

This is the only time refb.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	52.5.5.85 52.5.5.85	14618 (AMAZON-AES) (AMAZON-AES)
28	18.244.18.5 18.244.18.5	16509 (AMAZON-02) (AMAZON-02)
5	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
1	172.67.22.212 172.67.22.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.203.151.40 34.203.151.40	14618 (AMAZON-AES) (AMAZON-AES)
2	172.67.68.204 172.67.68.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
2	65.9.66.25 65.9.66.25	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
2	104.16.224.240 104.16.224.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	216.58.206.42 216.58.206.42	15169 (GOOGLE) (GOOGLE)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
4	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
5	104.18.9.146 104.18.9.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	172.67.74.220 172.67.74.220	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.75.153 172.67.75.153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
1	54.231.165.169 54.231.165.169	16509 (AMAZON-02) (AMAZON-02)
4	104.26.10.19 104.26.10.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
77	22

3 52.5.5.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-5-85.compute-1.amazonaws.com

refb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 18.244.18.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-5.fra56.r.cloudfront.net

cdn.firespring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.22.212 (United States)

ASN13335 (CLOUDFLARENET, US)

redwood-empire-food-bank.givecloud.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.151.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-151-40.compute-1.amazonaws.com

signup.e2ma.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.68.204 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gtranslate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-25.fra56.r.cloudfront.net

embed.e2ma.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dk98ddgl0znzm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.224.240 (None, )

ASN13335 (CLOUDFLARENET, US)

analytics.firespring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f10.1e100.net

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.9.146 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.sitesearch360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insights.sitesearch360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.74.220 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

loader.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.75.153 (United States)

ASN13335 (CLOUDFLARENET, US)

wisepops.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.165.169 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

emma-content-aggregates-prd.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.26.10.19 (None, )

ASN13335 (CLOUDFLARENET, US)

activity.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	firespring.com cdn.firespring.com — Cisco Umbrella Rank: 127560 analytics.firespring.com — Cisco Umbrella Rank: 157656	2 MB
8	wisepops.com 1 redirects loader.wisepops.com — Cisco Umbrella Rank: 20946 cdn.wisepops.com — Cisco Umbrella Rank: 36833 activity.wisepops.com — Cisco Umbrella Rank: 18365 tracking.wisepops.com — Cisco Umbrella Rank: 40141	510 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	70 KB
5	sitesearch360.com cdn.sitesearch360.com — Cisco Umbrella Rank: 39114 insights.sitesearch360.com — Cisco Umbrella Rank: 39539	90 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	409 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 translate.googleapis.com — Cisco Umbrella Rank: 912	77 KB
3	wisepops.net wisepops.net — Cisco Umbrella Rank: 14037	34 KB
3	refb.org refb.org	17 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
2	google.com translate.google.com — Cisco Umbrella Rank: 1113 www.google.com — Cisco Umbrella Rank: 3	29 KB
2	gtranslate.net cdn.gtranslate.net — Cisco Umbrella Rank: 18899	9 KB
2	e2ma.net signup.e2ma.net — Cisco Umbrella Rank: 148576 embed.e2ma.net — Cisco Umbrella Rank: 288961	9 KB
1	amazonaws.com emma-content-aggregates-prd.s3.amazonaws.com — Cisco Umbrella Rank: 151882	527 B
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 79
1	cloudfront.net dk98ddgl0znzm.cloudfront.net	5 KB
1	givecloud.co redwood-empire-food-bank.givecloud.co	747 KB
77	16

	Domain	Requested by
28	cdn.firespring.com	refb.org cdn.firespring.com
5	www.googletagmanager.com	refb.org www.googletagmanager.com
4	activity.wisepops.com	loader.wisepops.com
4	fonts.gstatic.com	fonts.googleapis.com refb.org
3	wisepops.net	refb.org loader.wisepops.com
3	cdn.sitesearch360.com	refb.org cdn.sitesearch360.com
3	www.gstatic.com	refb.org www.gstatic.com
3	fonts.googleapis.com	cdn.firespring.com redwood-empire-food-bank.givecloud.co cdn.wisepops.com
3	refb.org	signup.e2ma.net cdn.firespring.com
2	cdn.wisepops.com	loader.wisepops.com refb.org
2	insights.sitesearch360.com	cdn.sitesearch360.com
2	region1.google-analytics.com	www.googletagmanager.com
2	analytics.firespring.com	refb.org analytics.firespring.com
2	cdn.gtranslate.net	refb.org
1	tracking.wisepops.com	loader.wisepops.com
1	emma-content-aggregates-prd.s3.amazonaws.com	embed.e2ma.net
1	www.youtube.com	refb.org
1	dk98ddgl0znzm.cloudfront.net	embed.e2ma.net
1	www.google.com	www.googletagmanager.com
1	loader.wisepops.com	1 redirects
1	translate.googleapis.com
1	embed.e2ma.net	refb.org
1	translate.google.com	refb.org
1	signup.e2ma.net	refb.org
1	redwood-empire-food-bank.givecloud.co	refb.org
77	25

This site contains links to these domains. Also see Links.

Domain
interland3.donorperfect.net
getfood.refb.org
simplebooklet.com
signup.e2ma.net
twitter.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com
www.211bayarea.org
www.feedingamerica.org
www.mealsonwheelsamerica.org
translate.google.com

Subject Issuer	Validity	Valid
refb.org R11	`2024-11-06` - `2025-02-04`	3 months	crt.sh
cdn.firespring.com Amazon RSA 2048 M03	`2024-10-01` - `2025-10-30`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
givecloud.co WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh
*.e2ma.net Amazon RSA 2048 M02	`2024-03-05` - `2025-04-02`	a year	crt.sh
gtranslate.net WE1	`2024-11-12` - `2025-02-10`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
analytics.firespring.com E6	`2024-11-23` - `2025-02-21`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
sitesearch360.com WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
wisepops.net WE1	`2024-11-15` - `2025-02-13`	3 months	crt.sh
wisepops.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://refb.org/
Frame ID: DEE447F19E05B06783CB6643093E52D8
Requests: 73 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Frefb.org
Frame ID: 89B3CC4C73F249D0A2F2100C5EE57B3E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/N8z5u5rGwlw?wmode=opaque&rel=0&autoplay=0&controls=1
Frame ID: E6086342C9C68A872DBC5A027DC3B90D
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4E8FEC848C9B418E7CC4FCED4385EB68
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redwood Empire Food Bank

Page URL History Show full URLs

http://refb.org/ HTTP 307
https://refb.org/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

97 %
HTTPS

0 %
IPv6

16
Domains

25
Subdomains

22
IPs

2
Countries

4380 kB
Transfer

9068 kB
Size

17
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://interland3.donorperfect.net/weblink/WebLink.aspx?name=redempire&id=134
Title: DONATE

Search URL Search Domain Scan URL

URL: https://getfood.refb.org/
Title: GET FOOD

Search URL Search Domain Scan URL

URL: https://interland3.donorperfect.net/weblink/WebLink.aspx?name=redempire&id=134&_gl=1*9crdf7*_gcl_au*MjE0MzY4NDA1Ny4xNzIxMDc0NzI3*_ga*NzQ2NjEzOTgxLjE2NjYxMTY4MzE.*_ga_FS9KBD02MV*MTcyNzczODY1Ni40MjMuMS4xNzI3NzQwMDE2LjAuMC4w
Title: Nourishing Hope Your donation feeds families in need. Give hope this holiday... DONATE NOW

Search URL Search Domain Scan URL

URL: https://interland3.donorperfect.net/weblink/WebLink.aspx?name=redempire&id=134&_gl=1*1oldjd3*_gcl_au*MjE0MzY4NDA1Ny4xNzIxMDc0NzI3*_ga*NzQ2NjEzOTgxLjE2NjYxMTY4MzE.*_ga_FS9KBD02MV*MTcyNzgyNTI4MC40MjguMS4xNzI3ODI1ODQ4LjAuMC4w
Title: Dignity in Every Meal Your support gives seniors independence. Make a difference this holiday... DONATE NOW

Search URL Search Domain Scan URL

URL: https://simplebooklet.com/2023communityimpactreport
Title: 2023 Impact Report Over 142,000 people across Sonoma County relied on your support in 2023. View the Report

Search URL Search Domain Scan URL

URL: https://signup.e2ma.net/signup/1931774/1922935
Title: Sign up here

Search URL Search Domain Scan URL

URL: https://twitter.com/refb

Search URL Search Domain Scan URL

URL: https://www.facebook.com/redwoodempirefoodbank/?v=wall

Search URL Search Domain Scan URL

URL: https://www.instagram.com/redwoodempirefoodbank/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-redwood-empire-food-bank/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCysGlYfTIOIT6f9BHazij7Q?view_as=subscriber

Search URL Search Domain Scan URL

URL: https://www.211bayarea.org/

Search URL Search Domain Scan URL

URL: https://www.feedingamerica.org/

Search URL Search Domain Scan URL

URL: https://www.mealsonwheelsamerica.org/

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Traducere

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://refb.org/ HTTP 307
https://refb.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f HTTP 301
https://wisepops.net/loader.js?v=1&site=xmBqhzvX8f

77 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
refb.org/
Redirect Chain

http://refb.org/
https://refb.org/

66 KB
14 KB

1076ms
862ms

Document
text/html

52.5.5.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.5.5.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-5-85.compute-1.amazonaws.com

Software

Apache /

Resource Hash

68c6d5fde1ed801f186eecdc5f1d4b01e5d98669acc7671b3ba3c36201b4d52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 13079
content-security-policy-report-only: default-src https:;script-src https: 'strict-dynamic' 'nonce-46fa9b48a7b34ae590a515140d34495872e918c179cada96aea3c6134b3f217d' 'unsafe-inline' 'unsafe-eval' 'report-sample';style-src https: 'unsafe-inline';img-src https: data:;connect-src https: wss:;font-src https: data:;object-src 'none';media-src https: blob: data:;frame-src https: null data: blob:;child-src 'self' https:;form-action 'self';frame-ancestors https://my.firespring.com;base-uri 'self' https://insights.sitesearch360.com;worker-src 'self' blob:;manifest-src 'self' https://cdn.firespring.com;report-uri /csp_log
content-type: text/html; charset=UTF-8
date: Wed, 04 Dec 2024 00:41:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
firespring-website-id: 10788
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://refb.org/
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK stylesheet.1733272877.css
cdn.firespring.com/core/v2/css/ 255 KB
45 KB 58ms
22ms Stylesheet
text/css 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/core/v2/css/stylesheet.1733272877.css

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

9d124ee9ad6b521c4ead5a81d968865f40057d1b816728257c33942bc618fce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Content-Encoding: gzip
Age: 26
x-content-type-options: nosniff
Expires: Fri, 03 Jan 2025 00:41:19 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: Q99Uf2DZ329tMlXik7XlL7A8FXQLTRXvFqp0Mm9j0r2brkVyHoebUw==
Date: Wed, 04 Dec 2024 00:41:19 GMT
Content-Type: text/css
Vary: Accept-Encoding
Last-Modified: Mon, 02 Dec 2024 19:07:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=2592000
Connection: keep-alive
referrer-policy: no-referrer
Via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 45774
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK design.1733272877.css
cdn.firespring.com/designs/013063_10788/css/ 418 KB
64 KB 482ms
447ms Stylesheet
text/css 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/designs/013063_10788/css/design.1733272877.css

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d216b122e85aaa922b1e9c2340a16e13592afae5c10b7c0cb123bb6280cbb104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Content-Encoding: gzip
x-amz-version-id: 7KetjbWHYLrQF8lM8zbRWczXmwv7WKzp
ETag: W/"01286db13cf74bafb3467786f6ec0248"
X-Content-Type-Options: nosniff
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: hwlfMefq2ztwVMV-zTnWLMAoQ2rwt4CVsAOyAJ43ewB9XEkdiSoSng==
Date: Wed, 04 Dec 2024 00:41:47 GMT
Content-Type: text/css
Vary: accept-encoding
Last-Modified: Wed, 17 Jan 2024 19:37:35 GMT
x-amz-id-2: fj53AE+W1J2MUEe6yTO6B0YJMFGOCkfLFDhaOeV5upvB53pcP0GWtPowQimxQn75YgKBfnKzPUA=
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
Connection: keep-alive
Referrer-Policy: no-referrer
Via: 1.1 888b6b44a57f755881c4b0f069225010.cloudfront.net (CloudFront)
x-amz-request-id: 8PFRZPJV5WPZTMPS
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK jquery.1733272877.js Show response
cdn.firespring.com/core/v2/js/ 85 KB
30 KB 60ms
25ms Script
application/javascript 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/core/v2/js/jquery.1733272877.js

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Content-Encoding: gzip
Age: 21
x-content-type-options: nosniff
Expires: Fri, 03 Jan 2025 00:41:24 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 66DnxcZWQjn7aOfqCrs6XUIcrG6N9xfx9YBPw4dfkQstGi_zdoF34w==
Date: Wed, 04 Dec 2024 00:41:24 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Mon, 02 Dec 2024 19:07:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=2592000
Connection: keep-alive
referrer-policy: no-referrer
Via: 1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 30305
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 410 KB
132 KB 72ms
31ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FS9KBD02MV

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cfcab5f6cdf7d7510f7d82c026874dfdaa1ab3e17dbfad1adce009f99ce0a748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 04 Dec 2024 00:41:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 00:41:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134775
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 23ms
21ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-346109100

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5d3e9b2bf8a05e28d204df1cc63cecf3c7c80974024023f71faa6a747dae308a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 04 Dec 2024 00:41:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 00:41:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 04 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93811
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 widgets.js Show response
redwood-empire-food-bank.givecloud.co/v1/ 3 MB
747 KB 366ms
322ms Script
application/javascript 172.67.22.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redwood-empire-food-bank.givecloud.co/v1/widgets.js
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.22.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a797b2961f9cba81764edc5068ad04beed8605997d7fc423f152047ca6078c25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"674f8361-2b0224"
cf-ray: 8ec7c0b31830dcd1-FRA
expires: Wed, 04 Dec 2024 00:46:46 GMT
date: Wed, 04 Dec 2024 00:41:47 GMT
content-type: application/javascript
last-modified: Tue, 03 Dec 2024 22:17:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK 11719a96-da8b-47a6-be40-31bc79bbe284.png
cdn.firespring.com/images/ 38 KB
39 KB 44ms
8ms Image
image/png 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/11719a96-da8b-47a6-be40-31bc79bbe284.png

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

ba379f3cae03800268ab7bbdde16c23561decb44a05174be07548680b7e54d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 15441
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 20:24:24 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: hBehK9LhXkjJdFCdzLUHQ4OwNwMGD1w6L3obqG0zPF7mPn-u77vLsA==
Date: Tue, 03 Dec 2024 20:24:24 GMT
Content-Type: image/png
Vary: Accept
Content-Disposition: inline; filename="redwood-logo.png"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 39cfa117a3536e9c0afd90708900b558.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK 2f51b900-1a2b-4af5-9531-bbe8525a475f.png
cdn.firespring.com/images/ 8 KB
8 KB 44ms
9ms Image
image/png 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/2f51b900-1a2b-4af5-9531-bbe8525a475f.png

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

21982516c2709d6f0efe58184804044aa685925ae4d550d3d3d1b3a5a49ac390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 15441
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 20:24:24 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: ZuryFTsCoCyz9Jn9_dss8cKKJ5r6X5z0OfW1XYVpIGwcij9spy4ryQ==
Date: Tue, 03 Dec 2024 20:24:24 GMT
Content-Type: image/png
Vary: Accept
Content-Disposition: inline; filename="logo-2-white.png"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 1332d04637e8e8783a277613082f94d8.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H2 200 / Show response
signup.e2ma.net/tts_signup/1931774/764e855f5f7be3b5cc0ab5da69852621/1922935/ 7 KB
7 KB 343ms
137ms Script
text/javascript 34.203.151.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://signup.e2ma.net/tts_signup/1931774/764e855f5f7be3b5cc0ab5da69852621/1922935/?v=a

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.203.151.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-151-40.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

e8b518d89f64243cf8edeb4d1468b5e44af082a370d0c2007562ad01bf7e2092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-length: 7447
date: Wed, 04 Dec 2024 00:41:46 GMT
content-type: text/javascript
server: gunicorn

GET
H2 200 float.js Show response
cdn.gtranslate.net/widgets/latest/ 22 KB
7 KB 60ms
24ms Script
application/javascript 172.67.68.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gtranslate.net/widgets/latest/float.js
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c763fd08cfad23f2080080f6e863967b026431da17cf580dba4d9531098c7ee1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"644ef5be-5983"
age: 671429
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jGrE56UkELAhr4vCxSLdW3mQuk%2F3syCkpSzaj9ZNQu8yeJX3dg6yAzg%2F3KWDP5cTc4awNPSx6ZiCqM%2BjTohdQkDn5I2w5pwpxLD8qLilTCjathLuFlzOzRrMzcup47AaJ2zQxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ec7c0b32cb1dc9c-FRA
expires: Wed, 26 Nov 2025 06:11:17 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=7079&min_rtt=6138&rtt_var=1715&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3993&recv_bytes=2175&delivery_rate=673024&cwnd=254&unsent_bytes=0&cid=234655fe945e11e7&ts=34&x=0"
date: Wed, 04 Dec 2024 00:41:46 GMT
content-type: application/javascript
last-modified: Sun, 30 Apr 2023 23:11:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 84 KB
29 KB 69ms
23ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

86fe081305a9044886f58677d387aa093ab7e9ee8f7ae9f6f10b0c88532646e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 00:41:45 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK footer_scripts.1733272877.js Show response
cdn.firespring.com/core/v2/js/ 382 KB
112 KB 22ms
22ms Script
application/javascript 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/core/v2/js/footer_scripts.1733272877.js

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

932ec780f217e520e237ac2278f8998176cfe96dda71432d64e9cb38e8f4becf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Content-Encoding: gzip
Age: 21
x-content-type-options: nosniff
Expires: Fri, 03 Jan 2025 00:41:24 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: Xr97blceQjj6loMpBLbxwRLhGZR-UsmFQe1MyhxJOKoXiz5_OSI13w==
Date: Wed, 04 Dec 2024 00:41:24 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Mon, 02 Dec 2024 19:07:24 GMT
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=2592000
Connection: keep-alive
referrer-policy: no-referrer
Via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
Accept-Ranges: bytes
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H2 200 e2ma.js Show response
embed.e2ma.net/ 2 KB
2 KB 61ms
20ms Script
application/javascript 65.9.66.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.e2ma.net/e2ma.js
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aab005e1e9c3d72739f90a0599a16112cd7713958aa506a36fadfc3030e90083

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

content-encoding: gzip
x-amz-version-id: EVTdvh.cjMfGyK99DUWIUQF28TpmAa95
etag: W/"5f4361bbb5893a069002b83b10be287f"
age: 47913
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: NVXDOi7NSv07QvfBjJkWxUuy3q5jn3yx2mP67LsRmqcvNuS_WMQdHQ==
date: Tue, 03 Dec 2024 11:23:14 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Fri, 07 Feb 2020 16:09:43 GMT
cache-control: max-age=604800
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK velocity.min.js Show response
cdn.firespring.com/core/v2/js/fireSlider/ 48 KB
18 KB 21ms
21ms Script
application/javascript 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/core/v2/js/fireSlider/velocity.min.js

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

6e6b7705b815cac425c8b34117ef8de2c3cec38e853b0094ee6e69018673f5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Content-Encoding: gzip
Age: 1675877
x-content-type-options: nosniff
Expires: Sat, 14 Dec 2024 15:10:28 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: iLl-3TGJT28EHE7SZWpLmfJypW0UfYkNrtsHvHAFZjGlO-3dWL6Mbg==
Date: Thu, 14 Nov 2024 15:10:28 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 13 Nov 2024 19:09:42 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=2592000
Connection: keep-alive
referrer-policy: no-referrer
Via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 17672
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK jquery.fireSlider.velocity.js Show response
cdn.firespring.com/core/v2/js/fireSlider/ 59 KB
20 KB 20ms
20ms Script
application/javascript 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/core/v2/js/fireSlider/jquery.fireSlider.velocity.js

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

ef5b34e35bdf1f57d8a7affe1ba1bf166c06a40eb7d474e0d30a40b79267fdd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Content-Encoding: gzip
Age: 1675877
x-content-type-options: nosniff
Expires: Sat, 14 Dec 2024 15:10:28 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: W0TQX7smvD6t9C0mT-_cLV0kIQBlD3BvnL2J9WzUMQb6jV0EqKEAlw==
Date: Thu, 14 Nov 2024 15:10:28 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 13 Nov 2024 19:09:42 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=2592000
Connection: keep-alive
referrer-policy: no-referrer
Via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 19751
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK 8247b22743a1ed8d863be45f83512742ead5361f.1733272877.js Show response
cdn.firespring.com/designs/013063_10788/js/ 57 KB
11 KB 426ms
425ms Script
application/javascript 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/designs/013063_10788/js/8247b22743a1ed8d863be45f83512742ead5361f.1733272877.js

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

370689c31d406bd9a0544097dda11a275247cb914335562692142e98826cf9d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Content-Encoding: gzip
x-amz-version-id: VdnTfD7xfJIxh7qwO2BkGz0iri8Z.w8y
ETag: W/"f4a474b36ff4062f6b679665f80383b4"
X-Content-Type-Options: nosniff
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: QE4_EyuKa6E_i0BgXKgjvDcNMqkI-tGh1X80S2HBJSLTZMay6ghBsw==
Date: Wed, 04 Dec 2024 00:41:47 GMT
Content-Type: application/javascript
Vary: accept-encoding
Last-Modified: Wed, 17 Jan 2024 19:37:36 GMT
x-amz-id-2: /v4H4TXtAZLMz4FsAXs74OCpp2HmwuWxK8Wuu4nFBV0tdpCPeKbQw7WG6qkZfKcOwzjbMQZXKwo=
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
Connection: keep-alive
Referrer-Policy: no-referrer
Via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
x-amz-request-id: 8PFVFN9AP2DDTJ39
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 59ms
17ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,500&display=swap

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/designs/013063_10788/css/design.1733272877.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

cbff01809407c04ea17a75cfa5bfc9e8e6fcdf63edf6f7a4117efe4ae8bf826f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 04 Dec 2024 00:41:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 00:41:46 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 04 Dec 2024 00:41:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 js Show response
analytics.firespring.com/ 15 KB
6 KB 133ms
17ms Script
text/javascript 104.16.224.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.firespring.com/js
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.224.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7840f3fe92ab95556b89225c333a98bcd9313da0d33c1c1a82d145bea5f260e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

cache-control: max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 9569
cf-ray: 8ec7c0b398c7d2bb-FRA
x-proxy-cache: MISS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 04 Dec 2024 00:41:46 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Tue, 03 Dec 2024 22:02:09 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 237 KB
81 KB 30ms
29ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5G7LMBD9

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3c39327a00a12fa4043a1dbc421680ae0e67224d7fc529c3f0935164a83dddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 04 Dec 2024 00:41:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 00:41:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 82973
x-xss-protection: 0
server: Google Tag Manager

POST
H/1.1 200
OK csp_log
refb.org/ 0
1 KB 197ms
197ms Other
text/html 52.5.5.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://refb.org/csp_log

Requested by

Host: signup.e2ma.net
URL: https://signup.e2ma.net/tts_signup/1931774/764e855f5f7be3b5cc0ab5da69852621/1922935/?v=a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.5.5.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-5-85.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/csp-report
Referer: https://refb.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-security-policy-report-only: default-src https:;script-src https: 'strict-dynamic' 'nonce-cdb93b1575981394cf6358e27b72b765b9bfc95fd360141c9d56b9799f55a890' 'unsafe-inline' 'unsafe-eval' 'report-sample';style-src https: 'unsafe-inline';img-src https: data:;connect-src https: wss:;font-src https: data:;object-src 'none';media-src https: blob: data:;frame-src https: null data: blob:;child-src 'self' https:;form-action 'self';frame-ancestors https://my.firespring.com;base-uri 'self' https://insights.sitesearch360.com;worker-src 'self' blob:;manifest-src 'self' https://cdn.firespring.com;report-uri /csp_log?n=1
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
referrer-policy: no-referrer-when-downgrade
content-length: 0
date: Wed, 04 Dec 2024 00:41:46 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
server: Apache

GET
H3 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/ 22 KB
4 KB 28ms
8ms Stylesheet
text/css 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.ro.WLhdcdtw5Dc.O/am=DAY/d=1/rs=AN8SPfrwNikkmsciTrEhavekzytjbk-ITA/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

content-encoding: gzip
age: 97868
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 21:30:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 21:30:38 GMT
last-modified: Thu, 04 Apr 2024 07:26:25 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4144
x-xss-protection: 0
server: sffe

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ro.WLhdcdtw5Dc.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfr39kpnjEk8RPDsCJO3PU1TdQ454Q/ 214 KB
74 KB 43ms
9ms Script
text/javascript 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ro.WLhdcdtw5Dc.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfr39kpnjEk8RPDsCJO3PU1TdQ454Q/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.ro.WLhdcdtw5Dc.O/am=DAY/d=1/rs=AN8SPfrwNikkmsciTrEhavekzytjbk-ITA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f10.1e100.net

Software

sffe /

Resource Hash

50255a4c0376458ed8ab68b184e1a72708cd763cdbb1f5de98e873ce7759e59d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

content-encoding: gzip
age: 20932
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 18:52:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 18:52:54 GMT
last-modified: Mon, 02 Dec 2024 22:10:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 75175
x-xss-protection: 0
server: sffe

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 44ms
15ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FS9KBD02MV&gtm=45je4bk0v896731441za200&_p=1733272906692&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=131470036.1733272907&ul=se-se&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733272906&sct=1&seg=0&dl=https%3A%2F%2Frefb.org%2F&dt=Redwood%20Empire%20Food%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2204
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FS9KBD02MV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refb.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 00:41:46 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
104 KB 28ms
25ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3MXD5JNQ3T&l=dataLayer&cx=c&gtm=45je4bk0v896731441za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FS9KBD02MV

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4e09ea8f5a22fed32024d8956232fd4a813892499c319c8e561fc0612a672e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 04 Dec 2024 00:41:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 00:41:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106055
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK pattern-light.png
cdn.firespring.com/designs/013063_10788/images/ 31 KB
32 KB 40ms
40ms Image
image/png 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/designs/013063_10788/images/pattern-light.png

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/designs/013063_10788/css/design.1733272877.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a4506784688eef9181af1d00b31ea717e6386eafb55e5efa597f445a5a11485b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

ETag: "8effed640b5b634f1dd0e6a824e0bd75"
x-amz-version-id: WyBAeS73Bp.m2D.JzRfviedyFov4l5Hl
Age: 538469
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: YRmPsqjMo14r9L8ELWO1vpu8A4VTvRlWgEPQQxG5x-vnCGaRpc8SBg==
Date: Wed, 27 Nov 2024 19:07:18 GMT
Content-Type: image/png
Last-Modified: Wed, 17 Jan 2024 19:37:36 GMT
x-amz-id-2: bVKh0el/pis4m3DyLjkBPyDrS43/3EVCoKQWsvc61cBiu+BvIOTA14ycTGwkU8gvmVk3ikWUiNY=
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=86400
Connection: keep-alive
Referrer-Policy: no-referrer
Via: 1.1 888b6b44a57f755881c4b0f069225010.cloudfront.net (CloudFront)
x-amz-request-id: FB7EMDAZ63QFVK95
Accept-Ranges: bytes
Content-Length: 31739
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK pattern.png
cdn.firespring.com/designs/013063_10788/images/ 102 KB
103 KB 22ms
22ms Image
image/png 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/designs/013063_10788/images/pattern.png

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/designs/013063_10788/css/design.1733272877.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9b777f388466ed45f703dc3b008a3120717fd280ce1a558622dde56e5056d01f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

ETag: "e9cbefe7d083b13e97001ba6a5d8fefd"
x-amz-version-id: VGlTkwt4TGs7XHovYHa527xDElMF.lqG
Age: 129899
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: DdBEta7ktmaS_tcmjBWmih-7ilWsG39PNWkMAD7vom1O-FlbIwEocA==
Date: Mon, 02 Dec 2024 12:36:48 GMT
Content-Type: image/png
Last-Modified: Wed, 17 Jan 2024 19:37:36 GMT
x-amz-id-2: jCxdnW/HdSaE7vPFqOCCs4EiFCkTnI3nb4V9I7DdhygGxdl3/GT+YVNqOiKftllTNp29yiZ8wTM=
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=86400
Connection: keep-alive
Referrer-Policy: no-referrer
Via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
x-amz-request-id: QGRJGPDZ1WC0B1PJ
Accept-Ranges: bytes
Content-Length: 104895
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 47ms
16ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://refb.org
Referer: https://fonts.googleapis.com/

Response headers

age: 36013
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 14:41:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 14:41:33 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK fa-solid-900.woff2
cdn.firespring.com/core/v2/fonts/font-awesome/ 153 KB
153 KB 49ms
22ms Font
application/font-woff2 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/core/v2/fonts/font-awesome/fa-solid-900.woff2

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/core/v2/css/stylesheet.1733272877.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://refb.org
Referer

Response headers

Age: 1389490
x-content-type-options: nosniff
Expires: Tue, 17 Dec 2024 22:43:36 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: hTtBC2u9tjqjyo9WhqM05crDIIfm6WHThYe-w-mygOXcmin4sCE8tQ==
Date: Sun, 17 Nov 2024 22:43:36 GMT
Content-Type: application/font-woff2
Last-Modified: Wed, 13 Nov 2024 19:09:42 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=2592000
Connection: keep-alive
referrer-policy: no-referrer
Via: 1.1 1332d04637e8e8783a277613082f94d8.cloudfront.net (CloudFront)
Accept-Ranges: bytes
access-control-allow-origin: *
Content-Length: 156400
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK fa-brands-400.woff2
cdn.firespring.com/core/v2/fonts/font-awesome/ 115 KB
116 KB 50ms
23ms Font
application/font-woff2 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/core/v2/fonts/font-awesome/fa-brands-400.woff2

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/core/v2/css/stylesheet.1733272877.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

232c6f6a7678304f9efaa26f30b1610debc2ba9f4cd636b5e6751c8d73761b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://refb.org
Referer

Response headers

Age: 1332237
x-content-type-options: nosniff
Expires: Wed, 18 Dec 2024 14:37:49 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: fDE9fPtP3bljelMlJmmF6Fkf54rEJQC1gd45hLPpbeWcZGIHlrDtpw==
Date: Mon, 18 Nov 2024 14:37:49 GMT
Content-Type: application/font-woff2
Last-Modified: Wed, 13 Nov 2024 19:09:42 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=2592000
Connection: keep-alive
referrer-policy: no-referrer
Via: 1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
Accept-Ranges: bytes
access-control-allow-origin: *
Content-Length: 117852
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK d90e2764-8ab0-4232-ba08-0bf90e8d7b1c.jpg
cdn.firespring.com/images/ 59 KB
60 KB 28ms
25ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/d90e2764-8ab0-4232-ba08-0bf90e8d7b1c.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

a03c445fc37151714495aa2b7010f8118a62e4b80b0705c0bf9aaf923c52ec81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 38382
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 14:02:04 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: LlxcMNraSaE1wlvR4RR28PJd5fPW2-YN7wG-qMgeO_L6VEHqwcxpLw==
Date: Tue, 03 Dec 2024 14:02:04 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="mother and son doing homework.jpg.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK 48c8fcba-002a-4448-ae23-b6768d49781d.jpg
cdn.firespring.com/images/ 44 KB
45 KB 13ms
12ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/48c8fcba-002a-4448-ae23-b6768d49781d.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

3684295595d28c8d9e233b11953db591407b55581ed390d81e285586d8e6d50c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 38382
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 14:02:04 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: mR9Nr3eq_gZGCfC17sRLMaQaN2na2GXWVW6EzqUMXlf6W0fvYzS0aA==
Date: Tue, 03 Dec 2024 14:02:04 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="senior with groceries.jpg.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 888b6b44a57f755881c4b0f069225010.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H2 200 sitesearch360-v13.min.js Show response
cdn.sitesearch360.com/v13/ 222 KB
68 KB 76ms
30ms Script
application/javascript 104.18.9.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd7f8bfdffe5f7fcab8a0658f2f64a42aee60a884094bd373a530f1a437d1400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

cache-control: public, max-age=2678400
content-encoding: gzip
cf-cache-status: HIT
etag: "3788c-5ee9c406b53b4-gzip"
age: 82182
cf-ray: 8ec7c0b43babdbe0-FRA
expires: Sat, 04 Jan 2025 00:41:46 GMT
access-control-allow-origin: *
date: Wed, 04 Dec 2024 00:41:46 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 13:49:06 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

loader.js Show response
wisepops.net/
Redirect Chain

https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
https://wisepops.net/loader.js?v=1&site=xmBqhzvX8f

95 KB
32 KB

735ms
586ms

Script
text/javascript

172.67.75.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/loader.js?v=1&site=xmBqhzvX8f
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Server: 172.67.75.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce84849d28529710ecb0c94f8ea6fb303274579f4a27e1491be0703711f7d74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkvX7peCy%2FR%2FGeuSCKWhkmrXuzOXallGoRY8wOAgmhJD%2BvdgPqaZZTFSpSRXHXpto1HZ5n1VtByY2nfmgi%2FdTtrOV7GYc%2FDR6nv64TeuFdx%2BpApM1ILE69hC3hXflw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, POST, GET
server-timing: cfL4;desc="?proto=TCP&rtt=6192&min_rtt=5953&rtt_var=1085&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4013&recv_bytes=2236&delivery_rate=674331&cwnd=254&unsent_bytes=0&cid=fd751c754fd3b894&ts=704&x=0"
date: Wed, 04 Dec 2024 00:41:47 GMT
content-type: text/javascript
last-modified: Wed, 04 Dec 2024 00:41:47 GMT
vary: Accept-Encoding
access-control-allow-headers: *
cache-control: public, max-age=1800, s-maxage=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec7c0b678295c02-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

cache-control: max-age=3600
location: https://wisepops.net/loader.js?v=1&site=xmBqhzvX8f
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TeyBk3N5KpRsJOqB%2BaJ%2B1WvYLyhPgpxVZeGO2DSnklbrp8Y7tirLLkims%2BW66NBFa5qyhJ0kssgEbDrkU4yt%2FSJJ39Z2xaVoVeBOJb6OX29O8rqVeTInQd8xhtXjEdGpSpySBcU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ec7c0b43d67d233-FRA
expires: Wed, 04 Dec 2024 01:41:46 GMT
content-length: 167
date: Wed, 04 Dec 2024 00:41:46 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

POST
H3 200 collect
www.google.com/ccm/ 0
0 188ms
41ms Ping
text/plain 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Frefb.org%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=45735455.1733272907&auid=1361804968.1733272907&npa=1&gtm=45be4bk0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&tft=1733272906938&tfd=2338&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-346109100
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 89B3 0
0 18ms
8ms Document
text/html 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Frefb.org

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-346109100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 15413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 20:24:54 GMT
expires: Wed, 03 Dec 2025 20:24:54 GMT
last-modified: Tue, 03 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET c2e585fd-ded4-497c-b069-ad80df68fed7
https://refb.org/ Frame 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 21ms
20ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3MXD5JNQ3T&gtm=45je4bk0v868642540za200zb896731441&_p=1733272906692&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=131470036.1733272907&ul=se-se&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733272907&sct=1&seg=0&dl=https%3A%2F%2Frefb.org%2F&dt=Redwood%20Empire%20Food%20Bank&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2651
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MXD5JNQ3T&l=dataLayer&cx=c&gtm=45je4bk0v896731441za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://refb.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 00:41:47 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 form-af8d1ecde2947c2491fbb744e17f6653.js Show response
dk98ddgl0znzm.cloudfront.net/ 13 KB
5 KB 100ms
11ms Script
application/javascript 65.9.66.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk98ddgl0znzm.cloudfront.net/form-af8d1ecde2947c2491fbb744e17f6653.js
Requested by: Host: embed.e2ma.net
URL: https://embed.e2ma.net/e2ma.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1932da1682d444e6101f31f7e54079b63b5d4821eddf7acff9326b614b245332

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

content-encoding: gzip
x-amz-version-id: ShAWl5PeBAzoGuGvN6LktpYK5OAGXjv3
etag: W/"af8d1ecde2947c2491fbb744e17f6653"
age: 5704188
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 6_p96GcApNKsGqp1fnD22tmgz8YQ-OJxbDno3dPD0OISHSrIhRT3qw==
date: Sun, 29 Sep 2024 00:12:00 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 07 Feb 2020 16:09:43 GMT
cache-control: max-age=63072000
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 session Show response
insights.sitesearch360.com/insights/ 0
35 B 152ms
47ms XHR
text/plain 104.18.9.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights.sitesearch360.com/insights/session?version=13.3
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://refb.org/

Response headers

access-control-allow-headers: *
cf-cache-status: DYNAMIC
allow-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cf-ray: 8ec7c0b78ffa0493-FRA
access-control-allow-origin: *
date: Wed, 04 Dec 2024 00:41:47 GMT
server: cloudflare
allow-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT

POST
H2 204 session Show response
insights.sitesearch360.com/insights/ 0
239 B 150ms
47ms XHR
text/plain 104.18.9.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights.sitesearch360.com/insights/session?version=13.3
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://refb.org/

Response headers

access-control-allow-headers: *
cf-cache-status: DYNAMIC
allow-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cf-ray: 8ec7c0b78ff90493-FRA
access-control-allow-origin: *
date: Wed, 04 Dec 2024 00:41:47 GMT
server: cloudflare
allow-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT

GET
H2 200 N8z5u5rGwlw
www.youtube.com/embed/ Frame E608 0
0 118ms
70ms Document
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/N8z5u5rGwlw?wmode=opaque&rel=0&autoplay=0&controls=1

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refb.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Dec 2024 00:41:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ro for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 49aed7f2-ea6e-41cd-8ae2-0cc044e8e0c1.jpg
cdn.firespring.com/images/ 58 KB
59 KB 29ms
28ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/49aed7f2-ea6e-41cd-8ae2-0cc044e8e0c1.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

cf5b6042462efb5af6e84aa58f5d1216b8fcc4041151f1ecb18e3babd4ea6080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 15421
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 20:24:46 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: kWyEFRYbSp4p1zJg8Q4Ly0Sh7bYMpXJM68ZzS6JZR9mNd2dIZE0nrQ==
Date: Tue, 03 Dec 2024 20:24:46 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="sweater-boy-celery-1000.jpg.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK 2be2f7ff-ef6b-4f06-8909-42bfb38c2954.jpg
cdn.firespring.com/images/ 170 KB
171 KB 29ms
28ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/2be2f7ff-ef6b-4f06-8909-42bfb38c2954.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

93a24598aa20095b884a75ad052a4e17d4ec5bb917dd709d6ce3357fa2bcde14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 38382
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 14:02:05 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: cipdiRdBTS-TU_J9gkfaT1k-TFtDVEOj3_xFGlxI3mpkl-fxs8jluQ==
Date: Tue, 03 Dec 2024 14:02:05 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="2023 Impact Report Hero.jpg.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 888b6b44a57f755881c4b0f069225010.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H2 200 in.php Show response
analytics.firespring.com/ 131 B
282 B 197ms
195ms Script
text/javascript 104.16.224.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.firespring.com/in.php?site_id=101299712&href=%2F&title=Redwood%20Empire%20Food%20Bank&res=1600x1200&lang=se-SE&tz=Europe%2FStockholm&tc=&ck=1&x=jpct2
Requested by: Host: analytics.firespring.com
URL: https://analytics.firespring.com/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.224.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

cache-control: max-age=0, must-revalidate, no-cache, no-store, private
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8ec7c0b79deed2bb-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 04 Dec 2024 00:41:47 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 2 KB
746 B 28ms
26ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:wght@200;300;400;500;600;700;800;900

Requested by

Host: redwood-empire-food-bank.givecloud.co
URL: https://redwood-empire-food-bank.givecloud.co/v1/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

8388481607e5b1622155b0ca4a3914725f1ba2a52b57ff2239130c8a183a12b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 04 Dec 2024 00:41:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 00:41:47 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 04 Dec 2024 00:41:47 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK forms.js Show response
emma-content-aggregates-prd.s3.amazonaws.com/account/1922935/ 126 B
527 B 390ms
120ms Script
application/json 54.231.165.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://emma-content-aggregates-prd.s3.amazonaws.com/account/1922935/forms.js
Requested by: Host: embed.e2ma.net
URL: https://embed.e2ma.net/e2ma.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.231.165.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 35cd9d8f8d50cce54b63dd0ae6f929f690bc81e8b618952706b1bf12e8e13713

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

x-amz-id-2: RGymEwA/IZaoOprE8Dz61HSbd7JihdlEe+km4MiuxlW4LPXTUpCMaEFsxSBDwIzU64tZDNMVBNw=
ETag: "4e53359f5dd0ae3ddb95ce9028178395"
x-amz-request-id: KNW09AY6VYER8B5K
Accept-Ranges: bytes
Content-Length: 126
Date: Wed, 04 Dec 2024 00:41:48 GMT
Last-Modified: Wed, 30 Jun 2021 14:28:36 GMT
Content-Type: application/json
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 en-us.svg
cdn.gtranslate.net/flags/svg/ 6 KB
2 KB 19ms
19ms Image
image/svg+xml 172.67.68.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gtranslate.net/flags/svg/en-us.svg
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"639d0089-17c0"
age: 2751982
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQvFJfWRvvPD%2FAHxoxMcx%2Bw2xvhNzNDmntm%2FttYykifuLEJN92iC8BcPIJ5seekPz5v%2Buij5KFVBVITmV5s5eWVNy7Opzf9D%2BSmHcHmkv%2FX1ML1fF3JiCwr06Wl96WAqMbos7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ec7c0b9dc38dc9c-FRA
expires: Sun, 02 Nov 2025 04:15:25 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=7405&min_rtt=6138&rtt_var=420&sent=16&recv=22&lost=0&retrans=0&sent_bytes=11488&recv_bytes=2305&delivery_rate=1453022&cwnd=257&unsent_bytes=0&cid=234655fe945e11e7&ts=1107&x=0"
date: Wed, 04 Dec 2024 00:41:47 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Dec 2022 23:34:33 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ss360-unibox-v13.chunk.27665f6cc18723c8c279.js Show response
cdn.sitesearch360.com/v13/ 49 KB
14 KB 21ms
21ms Script
application/javascript 104.18.9.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitesearch360.com/v13/ss360-unibox-v13.chunk.27665f6cc18723c8c279.js
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62db744adb365b3f34dc423c5a427500b77ecf056b541a87706dad1392e0bf35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://refb.org
Referer: https://refb.org/

Response headers

cache-control: public, max-age=2678400
content-encoding: gzip
cf-cache-status: HIT
etag: "c25d-5ee9c406ba1d4-gzip"
age: 15411
cf-ray: 8ec7c0b9d90b0493-FRA
expires: Sat, 04 Jan 2025 00:41:47 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13773
date: Wed, 04 Dec 2024 00:41:47 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 13:49:06 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ss360-styles-v13.chunk.6ae25745a22b6f76ba5b.js Show response
cdn.sitesearch360.com/v13/ 35 KB
8 KB 20ms
19ms Script
application/javascript 104.18.9.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitesearch360.com/v13/ss360-styles-v13.chunk.6ae25745a22b6f76ba5b.js
Requested by: Host: cdn.sitesearch360.com
URL: https://cdn.sitesearch360.com/v13/sitesearch360-v13.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e4a4968e02c18d03ac98083e3fdfee6a5a2514a59d3e8474b3c5fccdb72313

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://refb.org
Referer: https://refb.org/

Response headers

cache-control: public, max-age=2678400
content-encoding: gzip
cf-cache-status: HIT
etag: "8df4-5ee9c406b8294-gzip"
age: 158720
cf-ray: 8ec7c0b9d90e0493-FRA
expires: Sat, 04 Jan 2025 00:41:47 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8394
date: Wed, 04 Dec 2024 00:41:47 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 13:49:06 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 270 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4E8F 0
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 39ms
17ms Image
image/svg+xml 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

content-encoding: gzip
age: 129566
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 12:42:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 12:42:21 GMT
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3340
x-xss-protection: 0
server: sffe

GET
H3 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
934 B 33ms
16ms Image
image/png 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

age: 264179
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 23:18:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 23:18:48 GMT
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
vary: Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 910
x-xss-protection: 0
server: sffe

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 33ms
16ms Image
image/png 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css

Response headers

age: 23782
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 18:05:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 18:05:25 GMT
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 1842
x-xss-protection: 0
server: sffe

POST
H/1.1 200
OK content_image_gallery_items Show response
refb.org/ajax/ 3 KB
2 KB 202ms
198ms XHR
application/json 52.5.5.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://refb.org/ajax/content_image_gallery_items?token=AmkW87jNxyEUSu9UingBYkMVa7AiRnm3plwm4cJKmaF03lXvJHEE4pGKr3Z%252Fxnd23jZ%252F7CPE%252BCS8fA%252FVGiEGA2E6NTp7czo5OiJ3ZWJzaXRlSWQiO2k6MTA3ODg7czoxNjoid2Vic2l0ZUNvbnRlbnRJZCI7aTozNTExMTA5NztzOjk6ImFqYXhfdHlwZSI7czoyNzoiY29udGVudF9pbWFnZV9nYWxsZXJ5X2l0ZW1zIjtzOjQ6ImRhdGUiO3M6MTQ6IjIwMjQxMjA0MDA0MTQ1IjtzOjc6ImV4cGlyZXMiO2k6MDt9

Requested by

Host: cdn.firespring.com
URL: https://cdn.firespring.com/core/v2/js/jquery.1733272877.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.5.5.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-5-85.compute-1.amazonaws.com

Software

Apache /

Resource Hash

316c5fa4b045e20e79ae7d2ce447f7076a7201174466e45ce82641600bc24494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://refb.org/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
expires: Thu, 19 Nov 1981 08:52:00 GMT
content-length: 1091
date: Wed, 04 Dec 2024 00:41:48 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Accept-Encoding
server: Apache

GET
H/1.1 200
OK 705442c5-d216-4cfc-bed7-6b0743b6b82d.jpg
cdn.firespring.com/images/ 76 KB
76 KB 17ms
12ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/705442c5-d216-4cfc-bed7-6b0743b6b82d.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

37ddc63d434ec21d14f778f51ef6016971058ecd79e8f09d106b950948da2dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 39396
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 13:45:10 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: eHoMpgjNlZNP3kXDZ56cEAtUzfntFWeTLw6ZF39vpa9zh6MUEYMo6Q==
Date: Tue, 03 Dec 2024 13:45:10 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="mother and son doing homework.jpg.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 888b6b44a57f755881c4b0f069225010.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK 09c68889-13b6-4666-a8c7-3d87f4e8d333.jpg
cdn.firespring.com/images/ 54 KB
55 KB 17ms
11ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/09c68889-13b6-4666-a8c7-3d87f4e8d333.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

50decce7098bef17e5b1567f936117d4cc7dd0d476c5423e0a4bb268a7c02b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 39396
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 13:45:11 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: ppwKc4NyDduJfnTsbcAKH1Ta_1itsWIOKsJhuB9V7VasIxN8oLgwuw==
Date: Tue, 03 Dec 2024 13:45:11 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="senior with groceries.jpg.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK ac0088ca-5dcc-48c4-9915-77035073de2b.jpg
cdn.firespring.com/images/ 213 KB
214 KB 17ms
11ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/ac0088ca-5dcc-48c4-9915-77035073de2b.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

0f522619f4e6a9910a4ebeea654f5bd051c7f02dd91ce4898d6332539bcf5c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 39396
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 13:45:11 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: _dapbHwrCT1s_Qe2XKM0vUeKKZaIXo0x7_pXz1A4fp7sLti2Py_7yA==
Date: Tue, 03 Dec 2024 13:45:11 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="2023 Impact Report Hero.jpg.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK 49aed7f2-ea6e-41cd-8ae2-0cc044e8e0c1.jpg
cdn.firespring.com/images/ 58 KB
0 13ms
13ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/49aed7f2-ea6e-41cd-8ae2-0cc044e8e0c1.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

cf5b6042462efb5af6e84aa58f5d1216b8fcc4041151f1ecb18e3babd4ea6080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 15421
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 20:24:46 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: kWyEFRYbSp4p1zJg8Q4Ly0Sh7bYMpXJM68ZzS6JZR9mNd2dIZE0nrQ==
Date: Tue, 03 Dec 2024 20:24:46 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="sweater-boy-celery-1000.jpg.webp"
x-frame-options: SAMEORIGIN
Cache-Control: must-revalidate, max-age=86400
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK 0ea2f230-1cb4-49df-b695-37e670e9aa12.jpg
cdn.firespring.com/images/ 345 KB
345 KB 15ms
7ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/0ea2f230-1cb4-49df-b695-37e670e9aa12.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

08d204103ce29a0c1becbf57c9ca86eae48a2d075088a1fcbee93002953235d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 15420
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 20:24:47 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 3LK5VinI8XxMXGsQr7xJYVNrIXVBgRP8pfNCF0thrULYV243BEZzrw==
Date: Tue, 03 Dec 2024 20:24:47 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="programs-map.jpg.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 39cfa117a3536e9c0afd90708900b558.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK 05660165-3f79-4d81-a021-551f236e21bb.jpg
cdn.firespring.com/images/ 263 KB
263 KB 46ms
37ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/05660165-3f79-4d81-a021-551f236e21bb.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

fe662c7af89b86d5286d5240689ce8845d7931e1a800e229183beb580863113d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 39395
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 13:45:11 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: gBUBVNVenwT3oIcgeAihWR-KY1GGsGdbkHC4jrHeDmWsGvdmgpTqlg==
Date: Tue, 03 Dec 2024 13:45:11 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="engine one.jpg.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 1332d04637e8e8783a277613082f94d8.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK b846cd4a-f37b-48a7-a7fb-f65f2475c34c.jpg
cdn.firespring.com/images/ 121 KB
122 KB 60ms
34ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/b846cd4a-f37b-48a7-a7fb-f65f2475c34c.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

43ff665b98ca93cc9dc6fafde6c375f9d6a6413c142dce02f0a3b0582a7629d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 39396
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 13:45:11 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 9e9v6lHJ5qSOAsd4Qs_TvV2WvjTrlymVw_sripMYKRrP4m-Acq8Vrg==
Date: Tue, 03 Dec 2024 13:45:11 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="Vegetables-1000.jpg.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H3 200 UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v18/ 23 KB
23 KB 43ms
42ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:wght@200;300;400;500;600;700;800;900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://refb.org
Referer: https://fonts.googleapis.com/

Response headers

age: 49318
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 10:59:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:59:50 GMT
last-modified: Mon, 29 Jul 2024 22:45:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23692
x-xss-protection: 0
server: sffe

POST
H2 200 id Show response
wisepops.net/ 139 B
753 B 137ms
102ms Fetch
application/json 172.67.75.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/id?h=xmBqhzvX8f&vid=&eid=
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37aa0653c9d00cb2c2ac0c207f78f204df1dd2ff1ddc1e957e8d76bd02652d32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://refb.org/

Response headers

access-control-max-age: 86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ru75uo4XbT5jrhAlD0jqg2G2Pa76ERK7dXZ5FwiBABHLbxy%2FUefq%2FMprgg9kqGPG1sKhAaw0u8IwheY0qacrLAe4NluQxfOh34w4rbFSRXM6QEJpUXZbESs38R%2FWng%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, POST, GET
cf-ray: 8ec7c0bc28e33813-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=6425&min_rtt=6160&rtt_var=1127&sent=9&recv=14&lost=0&retrans=0&sent_bytes=4013&recv_bytes=2414&delivery_rate=664432&cwnd=246&unsent_bytes=0&cid=f99debc21f7b2d18&ts=116&x=0"
date: Wed, 04 Dec 2024 00:41:48 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: *

GET
H/1.1 200
OK c985164b-9db7-4c95-8136-5919f0f260ad.jpg
cdn.firespring.com/images/ 59 KB
60 KB 19ms
14ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/c985164b-9db7-4c95-8136-5919f0f260ad.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

c6fc04cd3a90574e03544ec8a55f753120398cf078173638eeb0f49d0ccb4392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 39396
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 13:45:12 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: m0ucfpzTEE8C0YME0n4DrQXoD-UOaVirUazepVJIIsQjuRvoaEjohQ==
Date: Tue, 03 Dec 2024 13:45:12 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="Mother and son with food.jpg.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 888b6b44a57f755881c4b0f069225010.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK c3494e51-ad8f-415a-98b1-e502be8952ca.jpg
cdn.firespring.com/images/ 84 KB
85 KB 18ms
13ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/c3494e51-ad8f-415a-98b1-e502be8952ca.jpg

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

8fb203c88f2e3b5d8a0f5a7ef6df8276a37b11d8de8d672e7779aa5a914e31e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 39396
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 13:45:12 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: E9eQ128oxMh2EpNhnGxZKOYvK0U2nu9_-R8qlber43XwZKNBEd_SsQ==
Date: Tue, 03 Dec 2024 13:45:12 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="volunteer with apples.jpg.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

GET
H/1.1 200
OK cb48313f-04c0-4e03-8a1a-6ca9fda09123.png
cdn.firespring.com/images/ 57 KB
57 KB 12ms
10ms Image
image/webp 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.firespring.com/images/cb48313f-04c0-4e03-8a1a-6ca9fda09123.png

Requested by

Host: refb.org
URL: https://refb.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

e8bac59d898eaab24656017f54e456ce8a6e5ec322fe7430ad61e5bd6c7be636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Age: 39396
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 13:45:12 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: j0bUHPBN63gooLh2q-QUU5ufptkXCacfulRd7bUNy0DpDmoR1urA_A==
Date: Tue, 03 Dec 2024 13:45:12 GMT
Content-Type: image/webp
Vary: Accept
Content-Disposition: inline; filename="Donated Food.png.webp"
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

POST
H2 200 my-wisepop Show response
wisepops.net/ 411 B
974 B 307ms
231ms XHR
application/json 172.67.75.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/my-wisepop
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85f06956adeffeabb7d1a3a6a86e6a7a961a77a603dad136b8a7b4e980088349

Request headers

Referer: https://refb.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3vXoQxfel1SBmudLQZz827u2ZcuL%2B22Yzs8cl5y7MkhWN2MdicVGJZMUDATgxawexA%2BUHRI2os5GZvMedMErKLq5o%2BxEPjquI%2F5Ulz0h5FGnYfwDY1HZl9k1xV%2BprOadPO5Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, POST, GET
server-timing: cfL4;desc="?proto=TCP&rtt=1777&min_rtt=1673&rtt_var=117&sent=1975&recv=2549&lost=0&retrans=0&sent_bytes=1214667&recv_bytes=1574185&delivery_rate=3413081&cwnd=257&unsent_bytes=0&cid=a70620be63536f21&ts=245062&x=0", cfL4;desc="?proto=TCP&rtt=6692&min_rtt=6160&rtt_var=1378&sent=14&recv=17&lost=0&retrans=0&sent_bytes=4832&recv_bytes=2678&delivery_rate=664432&cwnd=249&unsent_bytes=0&cid=f99debc21f7b2d18&ts=468&x=0"
date: Wed, 04 Dec 2024 00:41:48 GMT
content-type: application/json
vary: Accept-Encoding
x-cloud-trace-context: 49770c625ad73a8eaccacf50627ed896
access-control-allow-headers: *
cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec7c0bd894d3813-FRA
access-control-allow-origin: *
content-length: 316
server: cloudflare

GET
H2 200 525769.js Show response
cdn.wisepops.com/shared/wisepops/FGEamfZT8CVQcppeKaft/ 268 KB
81 KB 696ms
632ms Script
application/javascript 172.67.74.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wisepops.com/shared/wisepops/FGEamfZT8CVQcppeKaft/525769.js?v=1733257612000
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9d185480bf328bba6181d1230ad159de95547e5bf48fc72f766b864293934e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
x-goog-hash: crc32c=mWDDnw==, md5=YhnooCQlvKbVB23f9+kGXQ==
cf-cache-status: MISS
etag: W/"6219e8a02425bca6d5076ddff7e9065d"
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KxFv6cc9cnHIwX4QmD3h1959UNJvyClMDy2l7JwWOfvdg4TKlWbYDOgXOP5qMZZ45FFkzKLSnzstkYTBWOEeJnrvtn6linaclq9k7J7P7goFC9V5wV1VU1A6io6bkvnpB84%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Wed, 04 Dec 2024 01:41:48 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=6834&min_rtt=5916&rtt_var=1489&sent=11&recv=17&lost=0&retrans=0&sent_bytes=4738&recv_bytes=2391&delivery_rate=630049&cwnd=257&unsent_bytes=0&cid=ffa983a85e554e87&ts=2473&x=0"
x-goog-stored-content-length: 274106
date: Wed, 04 Dec 2024 00:41:49 GMT
content-type: application/javascript
last-modified: Tue, 03 Dec 2024 20:26:51 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC4AevxzyAVXwLvNkZpnKPPJ-_idnnBkKKc9vEygJVn8qYiykx4ux7GpngUgU-RpVySPUD0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
cf-ray: 8ec7c0bfb930d233-FRA
access-control-allow-origin: *
x-goog-generation: 1733257611179845
server: cloudflare

POST
H2 200 /
activity.wisepops.com/ 0
0 113ms
112ms Fetch 104.26.10.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.57&site=xmBqhzvX8f
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

source: loader
Referer: https://refb.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5bkizhY6CiaeyryWn89lP23ggqFuxttaxIgDSH9Ob0K%2BPJz6Z3EEkUW4TjBYOtrtWwj9jgqyUPLll5GUYcfG0v%2FEisQuHuMCyVE5DLeZsEJ7veqYGczpcbIjOsvc7YSicjwzEjhpbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ec7c0c4accc0487-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=15673&min_rtt=6172&rtt_var=7454&sent=12&recv=16&lost=0&retrans=1&sent_bytes=5292&recv_bytes=2814&delivery_rate=515346&cwnd=254&unsent_bytes=0&cid=1b86d36e63c006a1&ts=263&x=0"
content-length: 0
date: Wed, 04 Dec 2024 00:41:49 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare

OPTIONS
H2 200 /
activity.wisepops.com/ Frame 0
0 200ms
126ms Preflight 104.26.10.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.57&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,source
Access-Control-Request-Method: POST
Origin: https://refb.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type, source
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 8ec7c0c3fc950487-FRA
content-length: 0
date: Wed, 04 Dec 2024 00:41:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=58MZ7gVnyX7%2FblklckFR8Uby%2FMYLoa0ketPA%2BvG0%2ByV0jhA4p62IbpphqHDrsUPihyT%2FToRBnzJZKieMUXIfH5DIKZMRNdeCLXEfDuD4LWXMqeX3JHqv6cKgrKNBYQ5HMB%2B7szNDvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=17030&min_rtt=8068&rtt_var=7344&sent=9&recv=13&lost=0&retrans=1&sent_bytes=4548&recv_bytes=2289&delivery_rate=515346&cwnd=253&unsent_bytes=0&cid=1b86d36e63c006a1&ts=149&x=0"
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 css
fonts.googleapis.com/ 5 KB
631 B 20ms
18ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,700

Requested by

Host: cdn.wisepops.com
URL: https://cdn.wisepops.com/shared/wisepops/FGEamfZT8CVQcppeKaft/525769.js?v=1733257612000

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

92df48ae58271b2d3bd2aae9c396549ed647e7df9d833411037bffb22010e31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 04 Dec 2024 00:41:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 04 Dec 2024 00:41:49 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 03 Dec 2024 23:15:05 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 35af9c7e89b71df562719d8a3af7040e.png
cdn.wisepops.com/shared/images/wisepops/c.57434/ 427 KB
428 KB 511ms
510ms Image
image/png 172.67.74.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.wisepops.com/shared/images/wisepops/c.57434/35af9c7e89b71df562719d8a3af7040e.png
Requested by: Host: refb.org
URL: https://refb.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad2694cb0f58d2aff8a2904e48ee2b0fd9215b36bc0415ad4f52ece0af93d28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
x-goog-hash: crc32c=rxz3UQ==, md5=Na+cfom3HfVicZ2KOvcEDg==
cf-cache-status: MISS
etag: "35af9c7e89b71df562719d8a3af7040e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5RCuZ0picCZUuFZ1sjJJ256JDavSqJqOD16SwRggiE5Xyhy8Jm5V0Ztrgu2zFq79XAjvH%2FdlmaQOjQkbw0wWXsqiuwkGAAbhAn9tROP1qPU9UIybWFSml6wi8dNpufVfi8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Wed, 04 Dec 2024 01:41:49 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=10360&min_rtt=5916&rtt_var=1796&sent=84&recv=53&lost=0&retrans=1&sent_bytes=88796&recv_bytes=2555&delivery_rate=3343479&cwnd=257&unsent_bytes=0&cid=ffa983a85e554e87&ts=3195&x=0"
x-goog-stored-content-length: 437224
date: Wed, 04 Dec 2024 00:41:50 GMT
content-type: image/png
last-modified: Tue, 03 Dec 2024 20:26:22 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC5yhiAXFeQkyArvcKcjbcu2aSzT9p2G4p6Nvz3b4KFbeXfvFjNw6d--P0cmsqWz_xid4AdYruZhHA
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
cf-ray: 8ec7c0c4fe87d233-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1733257582728992
content-length: 437224
server: cloudflare

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
0 0ms
0ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://refb.org
Referer: https://fonts.googleapis.com/

Response headers

age: 36013
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 14:41:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 14:41:33 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

POST
H2 200 _.gif
tracking.wisepops.com/ 2 B
591 B 177ms
161ms Ping
application/json 172.67.74.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.wisepops.com/_.gif?e=d&p=525769&site=xmBqhzvX8f&url=https%3A%2F%2Frefb.org%2F
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2Q1m3B5tH7VZ6ZouVPA%2FW3yctPQyUGyq5U1A%2F2FwqerMUxFWvz0SMcWsKAD5ML1KjjrgSZU%2BXw5oZG4R%2Bb1mEzny9rljQgruj%2FS0UQtFZaH2chBsDiNg7FGjBpWJSIpe0DVerUYxw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ec7c0c9dbeed233-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=8553&min_rtt=5916&rtt_var=87&sent=424&recv=382&lost=0&retrans=2&sent_bytes=529226&recv_bytes=2707&delivery_rate=7927600&cwnd=257&unsent_bytes=0&cid=ffa983a85e554e87&ts=3631&x=0"
content-length: 28
date: Wed, 04 Dec 2024 00:41:50 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
x-cloud-trace-context: f2932d6d5bd561c98372597ec79b6335

GET
H/1.1 200
OK daab4c61-3a38-4490-a901-35e49ff30a48
cdn.firespring.com/images/ 15 KB
4 KB 9ms
8ms Other
image/x-icon 18.244.18.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firespring.com/images/daab4c61-3a38-4490-a901-35e49ff30a48

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

0e775d96ce6a9d75084a0e59800b97a824743f572c61a6806d1c68e8178f0eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://refb.org/

Response headers

Content-Encoding: gzip
Age: 7180
x-content-type-options: nosniff
Expires: Wed, 04 Dec 2024 22:42:10 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: oSaJVGpCCeLnIZ2ebe9uy4jjbcnlbx94ZmzRmt2yWWqh_29WLnR3UQ==
Date: Tue, 03 Dec 2024 22:42:10 GMT
Content-Type: image/x-icon
Vary: Accept,Accept-Encoding
Content-Disposition: inline; filename="favicon.ico"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: must-revalidate, max-age=86400
Connection: keep-alive
content-transfer-encoding: binary
referrer-policy: no-referrer
Via: 1.1 39cfa117a3536e9c0afd90708900b558.cloudfront.net (CloudFront)
Content-Length: 3616
x-xss-protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P11
Server: Apache

POST
H2 200 /
activity.wisepops.com/ 0
0 113ms
111ms Fetch 104.26.10.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.57&site=xmBqhzvX8f
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

source: loader
Referer: https://refb.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3C011yf7abS%2BQo05gkRiV%2FRIZtqo0GrDG0hB9z%2F2J2aPxnZABqDE%2BhPjgJMl4UCUrauO12ds%2BNtKIfAdH9IHRTzyDoPJnWiOHg%2BHKIFJvse1u7myqmDPJC%2BL49e3pWRaLZ3x2%2FApZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ec7c0d0b9f30487-FRA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=17821&min_rtt=6082&rtt_var=13247&sent=17&recv=21&lost=0&retrans=1&sent_bytes=6181&recv_bytes=3683&delivery_rate=515346&cwnd=256&unsent_bytes=0&cid=1b86d36e63c006a1&ts=2186&x=0"
content-length: 0
date: Wed, 04 Dec 2024 00:41:51 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare

OPTIONS
H2 200 /
activity.wisepops.com/ Frame 0
0 107ms
105ms Preflight 104.26.10.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.57&site=xmBqhzvX8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,source
Access-Control-Request-Method: POST
Origin: https://refb.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type, source
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 8ec7c0d009b80487-FRA
content-length: 0
date: Wed, 04 Dec 2024 00:41:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MyVm6wl%2F%2Fc8x5bmngOPPBIaIL5D%2BnTb5egnTH8iQBPicTr5EhWvH9L%2FPIgvSrcOLLDStmE7Pdu6WbkGS0BbHEOYm3zVUQaT0NO6S94JzoR0iG1NoY5gwPpJMYQn%2FSkvtA2IafC0Xyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=19499&min_rtt=6172&rtt_var=13241&sent=14&recv=18&lost=0&retrans=1&sent_bytes=5720&recv_bytes=2896&delivery_rate=515346&cwnd=255&unsent_bytes=0&cid=1b86d36e63c006a1&ts=2074&x=0"
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: refb.org
URL: blob:https://refb.org/c2e585fd-ded4-497c-b069-ad80df68fed7

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
refb.org/	1970-01-21 01:28:07	Name: fdp_session Value: ne3a45s9omfndtsp1sc1apo1pa
.refb.org/	1970-01-21 11:03:52	Name: _ga Value: GA1.1.131470036.1733272907
.refb.org/	1970-01-21 03:37:28	Name: _gcl_au Value: 1.1.1361804968.1733272907
refb.org/	1970-01-21 10:13:28	Name: ssi--sessionId Value: 4f0a86ea-f912-acbe-9444-c294ff553825
refb.org/	1970-01-21 01:27:53	Name: ssi--lastInteraction Value: 1733272907336
refb.org/	1970-01-21 10:13:28	Name: ssi--sessionId--ss360_1 Value: cf6462e9-619c-8c2a-20dc-1c5a9525407e
refb.org/	1970-01-21 01:27:53	Name: ssi--lastInteraction--ss360_1 Value: 1733272907339
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: kWaVU-Ftnb4
.youtube.com/	1970-01-21 05:47:04	Name: VISITOR_INFO1_LIVE Value: j8o7y7ivppA
.youtube.com/	1970-01-21 05:47:04	Name: VISITOR_PRIVACY_METADATA Value: CgJJUhIEGgAgOA%3D%3D
refb.org/	1970-01-21 01:29:19	Name: givecloud_utms Value: {%22http_referer%22:%22%22%2C%22utm_source%22:%22%22%2C%22utm_medium%22:%22%22%2C%22utm_campaign%22:%22%22%2C%22utm_term%22:%22%22%2C%22utm_content%22:%22%22}
.refb.org/	1970-01-21 11:03:52	Name: wisepops_visitor Value: %7B%22xmBqhzvX8f%22%3A%22d72d2163-adaa-485a-aee5-c7dc21f05602%22%7D
.refb.org/	1970-01-21 11:03:52	Name: wisepops_visits Value: %5B%222024-12-04T00%3A41%3A46.867Z%22%5D
.refb.org/	1970-01-21 11:03:52	Name: wisepops Value: %7B%22popups%22%3A%7B%22525769%22%3A%7B%22dc%22%3A1%2C%22d%22%3A1733272910333%7D%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A5%2C%22cid%22%3A%2257434%22%2C%22v%22%3A5%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D
.refb.org/	1969-12-31 23:59:59	Name: wisepops_session Value: %7B%22arrivalOnSite%22%3A%222024-12-04T00%3A41%3A46.867Z%22%2C%22mtime%22%3A1733272910336%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%22525769%22%3A0%7D%2C%22bars%22%3A%7B%7D%2C%22sticky%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%2C%22testIp%22%3Anull%7D
.refb.org/	1970-01-21 11:03:52	Name: _ga_FS9KBD02MV Value: GS1.1.1733272906.1.0.1733272910.0.0.0
.refb.org/	1970-01-21 11:03:52	Name: _ga_3MXD5JNQ3T Value: GS1.1.1733272907.1.0.1733272910.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://signup.e2ma.net/tts_signup/1931774/764e855f5f7be3b5cc0ab5da69852621/1922935/?v=a(Line 15) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https: 'strict-dynamic' 'nonce-46fa9b48a7b34ae590a515140d34495872e918c179cada96aea3c6134b3f217d' 'unsafe-inline' 'unsafe-eval' 'report-sample'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activity.wisepops.com
analytics.firespring.com
cdn.firespring.com
cdn.gtranslate.net
cdn.sitesearch360.com
cdn.wisepops.com
dk98ddgl0znzm.cloudfront.net
embed.e2ma.net
emma-content-aggregates-prd.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
insights.sitesearch360.com
loader.wisepops.com
redwood-empire-food-bank.givecloud.co
refb.org
region1.google-analytics.com
signup.e2ma.net
tracking.wisepops.com
translate.google.com
translate.googleapis.com
wisepops.net
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
refb.org
104.16.224.240
104.18.9.146
104.26.10.19
142.250.184.195
142.250.184.232
142.250.185.131
142.250.185.78
142.250.186.100
142.250.186.106
172.67.22.212
172.67.68.204
172.67.74.220
172.67.75.153
18.244.18.5
216.239.34.36
216.58.206.42
34.203.151.40
52.5.5.85
54.231.165.169
65.9.66.25
08d204103ce29a0c1becbf57c9ca86eae48a2d075088a1fcbee93002953235d4
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f
0e775d96ce6a9d75084a0e59800b97a824743f572c61a6806d1c68e8178f0eab
0f522619f4e6a9910a4ebeea654f5bd051c7f02dd91ce4898d6332539bcf5c6d
1932da1682d444e6101f31f7e54079b63b5d4821eddf7acff9326b614b245332
1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5
21982516c2709d6f0efe58184804044aa685925ae4d550d3d3d1b3a5a49ac390
232c6f6a7678304f9efaa26f30b1610debc2ba9f4cd636b5e6751c8d73761b92
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
316c5fa4b045e20e79ae7d2ce447f7076a7201174466e45ce82641600bc24494
35cd9d8f8d50cce54b63dd0ae6f929f690bc81e8b618952706b1bf12e8e13713
3684295595d28c8d9e233b11953db591407b55581ed390d81e285586d8e6d50c
370689c31d406bd9a0544097dda11a275247cb914335562692142e98826cf9d8
37aa0653c9d00cb2c2ac0c207f78f204df1dd2ff1ddc1e957e8d76bd02652d32
37ddc63d434ec21d14f778f51ef6016971058ecd79e8f09d106b950948da2dda
43ff665b98ca93cc9dc6fafde6c375f9d6a6413c142dce02f0a3b0582a7629d3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ce84849d28529710ecb0c94f8ea6fb303274579f4a27e1491be0703711f7d74
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e09ea8f5a22fed32024d8956232fd4a813892499c319c8e561fc0612a672e3f
50255a4c0376458ed8ab68b184e1a72708cd763cdbb1f5de98e873ce7759e59d
50decce7098bef17e5b1567f936117d4cc7dd0d476c5423e0a4bb268a7c02b6b
5ad2694cb0f58d2aff8a2904e48ee2b0fd9215b36bc0415ad4f52ece0af93d28
5d3e9b2bf8a05e28d204df1cc63cecf3c7c80974024023f71faa6a747dae308a
62db744adb365b3f34dc423c5a427500b77ecf056b541a87706dad1392e0bf35
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
68c6d5fde1ed801f186eecdc5f1d4b01e5d98669acc7671b3ba3c36201b4d52b
6e6b7705b815cac425c8b34117ef8de2c3cec38e853b0094ee6e69018673f5b9
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
8388481607e5b1622155b0ca4a3914725f1ba2a52b57ff2239130c8a183a12b6
85f06956adeffeabb7d1a3a6a86e6a7a961a77a603dad136b8a7b4e980088349
86fe081305a9044886f58677d387aa093ab7e9ee8f7ae9f6f10b0c88532646e2
8fb203c88f2e3b5d8a0f5a7ef6df8276a37b11d8de8d672e7779aa5a914e31e6
92df48ae58271b2d3bd2aae9c396549ed647e7df9d833411037bffb22010e31f
932ec780f217e520e237ac2278f8998176cfe96dda71432d64e9cb38e8f4becf
93a24598aa20095b884a75ad052a4e17d4ec5bb917dd709d6ce3357fa2bcde14
9b777f388466ed45f703dc3b008a3120717fd280ce1a558622dde56e5056d01f
9d124ee9ad6b521c4ead5a81d968865f40057d1b816728257c33942bc618fce6
a03c445fc37151714495aa2b7010f8118a62e4b80b0705c0bf9aaf923c52ec81
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a4506784688eef9181af1d00b31ea717e6386eafb55e5efa597f445a5a11485b
a797b2961f9cba81764edc5068ad04beed8605997d7fc423f152047ca6078c25
aab005e1e9c3d72739f90a0599a16112cd7713958aa506a36fadfc3030e90083
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f
b1e4a4968e02c18d03ac98083e3fdfee6a5a2514a59d3e8474b3c5fccdb72313
ba379f3cae03800268ab7bbdde16c23561decb44a05174be07548680b7e54d59
c6fc04cd3a90574e03544ec8a55f753120398cf078173638eeb0f49d0ccb4392
c763fd08cfad23f2080080f6e863967b026431da17cf580dba4d9531098c7ee1
c9d185480bf328bba6181d1230ad159de95547e5bf48fc72f766b864293934e3
cbff01809407c04ea17a75cfa5bfc9e8e6fcdf63edf6f7a4117efe4ae8bf826f
cf5b6042462efb5af6e84aa58f5d1216b8fcc4041151f1ecb18e3babd4ea6080
cfcab5f6cdf7d7510f7d82c026874dfdaa1ab3e17dbfad1adce009f99ce0a748
d216b122e85aaa922b1e9c2340a16e13592afae5c10b7c0cb123bb6280cbb104
dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c39327a00a12fa4043a1dbc421680ae0e67224d7fc529c3f0935164a83dddd
e7840f3fe92ab95556b89225c333a98bcd9313da0d33c1c1a82d145bea5f260e
e8b518d89f64243cf8edeb4d1468b5e44af082a370d0c2007562ad01bf7e2092
e8bac59d898eaab24656017f54e456ce8a6e5ec322fe7430ad61e5bd6c7be636
ef5b34e35bdf1f57d8a7affe1ba1bf166c06a40eb7d474e0d30a40b79267fdd4
fd7f8bfdffe5f7fcab8a0658f2f64a42aee60a884094bd373a530f1a437d1400
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
fe662c7af89b86d5286d5240689ce8845d7931e1a800e229183beb580863113d

refb.org Open in urlscan Pro 52.5.5.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

97 %HTTPS

0 %IPv6

16 Domains

25 Subdomains

22 IPs

2 Countries

4380 kBTransfer

9068 kBSize

17 Cookies

15 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

refb.org Open in urlscan Pro
52.5.5.85 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

97 %
HTTPS

0 %
IPv6

16
Domains

25
Subdomains

22
IPs

2
Countries

4380 kB
Transfer

9068 kB
Size

17
Cookies

77 HTTP transactions
2 data transactions