shepastaway.org Open in urlscan Pro
192.0.78.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shepastaway.org/
Effective URL:
https://shepastaway.org/
Submission: On September 20 via api (September 20th 2022, 11:31:45 pm UTC) from SG — Scanned from DE

Summary HTTP 62 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 16 domains to perform 62 HTTP transactions. The main IP is 192.0.78.223, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is shepastaway.org.
TLS certificate: Issued by R3 on August 18th 2022. Valid for: 3 months.

This is the only time shepastaway.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	192.0.78.223 192.0.78.223	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:243... 2600:1f18:243f:2d00:7fb0:8f4d:7c18:1ddf	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	92.123.22.86 92.123.22.86	16625 (AKAMAI-AS) (AKAMAI-AS)
6	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
1	3.234.29.110 3.234.29.110	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
62	22

14 192.0.78.223 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

shepastaway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:243f:2d00:7fb0:8f4d:7c18:1ddf (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

analytics.sitewit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.22.86 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-22-86.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.29.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-29-110.compute-1.amazonaws.com

connect.sitewit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	shepastaway.org 1 redirects shepastaway.org	437 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	221 KB
8	paypal.com www.paypal.com — Cisco Umbrella Rank: 2582 t.paypal.com — Cisco Umbrella Rank: 3344	106 KB
6	gstatic.com fonts.gstatic.com	99 KB
5	wp.com s0.wp.com — Cisco Umbrella Rank: 6662 stats.wp.com — Cisco Umbrella Rank: 2621 pixel.wp.com — Cisco Umbrella Rank: 2436 i0.wp.com — Cisco Umbrella Rank: 2875	116 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	131 KB
3	sitewit.com analytics.sitewit.com — Cisco Umbrella Rank: 48189 connect.sitewit.com — Cisco Umbrella Rank: 80892	22 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2268	33 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	388 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	5 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 290	17 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	2 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9081	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	412 B
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 4861	1 KB
62	16

	Domain	Requested by
14	shepastaway.org	1 redirects shepastaway.org
6	www.paypal.com	www.paypal.com www.paypalobjects.com
6	fonts.gstatic.com	fonts.googleapis.com
6	pagead2.googlesyndication.com	shepastaway.org pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	connect.facebook.net	shepastaway.org connect.facebook.net
2	t.paypal.com	shepastaway.org
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	www.facebook.com	shepastaway.org
2	pixel.wp.com	shepastaway.org
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	ssl.google-analytics.com	shepastaway.org
2	analytics.sitewit.com	shepastaway.org
2	fonts.googleapis.com	shepastaway.org
1	www.google.com	tpc.googlesyndication.com
1	connect.sitewit.com	analytics.sitewit.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	i0.wp.com	shepastaway.org
1	chimpstatic.com	shepastaway.org
1	stats.wp.com	shepastaway.org
1	s0.wp.com	shepastaway.org
62	23

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.instagram.com
open.spotify.com
shepastawayofficial.bandcamp.com
vimeo.com
vk.com
twitter.com
soundcloud.com
woocommerce.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
analytics.sitewit.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-30` - `2022-10-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-30` - `2022-09-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2021-11-19` - `2022-11-19`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
*.sitewit.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-22` - `2023-08-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://shepastaway.org/
Frame ID: B5460C5411E38D69E3026F1A660ECC9F
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html
Frame ID: 400C04ABCAD86652F1A4C5175DE1FA33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1918114966255733&output=html&adk=1812271804&adf=3025194257&lmt=1663716699&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshepastaway.org%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663716699530&bpp=4&bdt=1109&idt=157&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7870592613627&frm=20&pv=2&ga_vid=1096413903.1663716700&ga_sid=1663716700&ga_hid=972865186&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069632%2C44760911%2C31067826%2C31068919&oid=2&pvsid=464925742384568&tmod=474309934&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=172
Frame ID: FC5B6EB3498A55422A4B8A5F76BEE440
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 05DDF5E54502BB486C528F8058F2A760
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A40485E2E2F3077FF5FCFC50EDA266F4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47ECA359BC917DDECFA8D4C3C953E1E0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

She Past Away Official Website

Page URL History Show full URLs

http://shepastaway.org/ HTTP 301
https://shepastaway.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

62
Requests

100 %
HTTPS

57 %
IPv6

16
Domains

23
Subdomains

22
IPs

3
Countries

1194 kB
Transfer

3646 kB
Size

21
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/events/198088425760339/
Title: https://www.facebook.com/events/198088425760339/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/redirect?event=backstage_event&redir_token=QUFFLUhqblFJMzhFa0VjdmRUc1VnR3A4Z05TbHhwMmtSd3xBQ3Jtc0tuRzlxcnVsVVF0Q0xCOFhEQjdpZGdZOWxIZ3k0VGM5Uk9vVTJQUkNsYm0yU0pCLXhtNVpqS1JxeFJDRkk5ZlhNekhhWVlheXI1WFRrZ2preDVzazd1Z3BIbVFUYUR1YWhhRWpUdEZBVTQwVlJmMDZtYw&q=https%3A%2F%2Fvivapsycho.com
Title: https://vivapsycho.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/shepastaway/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/shepastaway_official/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://open.spotify.com/artist/6paE8ghTau4qwwNzVRSgjR
Title: Spotify

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/shepastaway
Title: YouTube

Search URL Search Domain Scan URL

URL: https://shepastawayofficial.bandcamp.com/
Title: Bandcamp

Search URL Search Domain Scan URL

URL: https://vimeo.com/ondemand/closingin
Title: Vimeo

Search URL Search Domain Scan URL

URL: https://vk.com/shepastaway_official
Title: VK

Search URL Search Domain Scan URL

URL: https://twitter.com/shepastaway_ofl
Title: Twitter

Search URL Search Domain Scan URL

URL: https://soundcloud.com/shepastaway
Title: SoundCloud

Search URL Search Domain Scan URL

URL: https://woocommerce.com/
Title: Built with Storefront & WooCommerce

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shepastaway.org/ HTTP 301
https://shepastaway.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
shepastaway.org/
Redirect Chain

http://shepastaway.org/
https://shepastaway.org/

145 KB
43 KB

505ms
489ms

Document
text/html

192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

67a3488875985a3f9c8afc4290b59661156f47b9be0df5d150129243e161c151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 23:31:38 GMT
host-header: WordPress.com
link: <https://shepastaway.org/wp-json/>; rel="https://api.w.org/" <https://wp.me/9np3v>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 2.hhn _atomic_ams
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 20 Sep 2022 23:31:37 GMT
Location: https://shepastaway.org/
Server: nginx
X-ac: 2.hhn _atomic_ams

GET
H2 200 webfont.js Show response
shepastaway.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/ 12 KB
5 KB 174ms
173ms Script
application/javascript 192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 20 Sep 2022 11:31:22 GMT
server: nginx
etag: W/"6329a48a-30cd"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
date: Tue, 20 Sep 2022 23:31:38 GMT
x-ac: 2.hhn _atomic_ams
expires: Tue, 27 Sep 2022 23:31:38 GMT

GET
H2 200 wp-emoji-release.min.js Show response
shepastaway.org/wp-includes/js/ 18 KB
5 KB 173ms
173ms Script
application/javascript 192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
server: nginx
etag: W/"62551487-48b9"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
date: Tue, 20 Sep 2022 23:31:38 GMT
x-ac: 2.hhn _atomic_ams
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
shepastaway.org/_static/ 1 MB
149 KB 373ms
373ms Stylesheet
text/css 192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/_static/??-eJydVEGO2zAM/FC1yqJogB6KXhboA/oCWWIcbmRREKl1/fvKsZ11HNh1czMpznBIjdxGZSkIBNHR5xoD63eQaOxFN+SyB9YYThhQQLFN5P0Udy+W+Uv7iK9zCStIta4yeqcrT/aiPFbJpE6zdB6eg8oZmlWoNx1lUXVCd98Dg/XZlTneWTfg0IAvNAU5D2KBQ1IeamO7lwbDP9HlbB7PMUtpLZGlpoFkQfebNTXcJdV1TB5nbu0Yqw8IjhKrzZU9S75JamlEOWQZ1qmmnHpdoq73wqWMEpxSSWrDDFJouPQ1DJ/3OnZfMjRZ3eaJRTmf9TC8NlmoMSJotcAfGXauWnQ1yDDD0GbM9DV7zVX6RAqlgrdNeVvGzQtvEIs6CBZL8IvejHOd/j2IGbi9EeBVJcsXZk2izOA1txiLDasc3LqeVfR4oKbEXgJBD07VxnvoX9l6tJfQ4wVWlvrolZ1lS0thKX3w0SZsUrn4nz3FMdjtof/aQsZyzWTReHXVfhf8l4j5k599r4n5JFEnIun9ZdKcb9P9M/SZGojl/3KtMba8P7CCFJ7higkthlqJqfoFPcGQ4AOh3Q+d7mR2jX3pz+bH6/H49fD92+F4+Aucu7o3

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

87887bb3cd1a17bee83330437e5f626de9e37161093db1c442b54193f76b66c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 13 Sep 2022 18:51:00 GMT
server: nginx
x-page-optimize: uncached
etag: W/"89b557560bd38707563fa3b0c7b6126d"
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
date: Tue, 20 Sep 2022 23:31:38 GMT
x-ac: 2.hhn _atomic_ams
host-header: WordPress.com

GET
H2 200 dashicons.min.css
shepastaway.org/wp-includes/css/ 58 KB
34 KB 181ms
179ms Stylesheet
text/css 192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/wp-includes/css/dashicons.min.css?ver=6.0.2

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: nginx
etag: W/"603ffca6-e688"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
date: Tue, 20 Sep 2022 23:31:38 GMT
x-ac: 2.hhn _atomic_ams
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 58ms
23ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=4.1.3

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3c9ffafe89199c7863aa836c96d530976ab318eaef1182730eb15cfb1d6f57c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shepastaway.org/
Origin: https://shepastaway.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 21:33:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 20 Sep 2022 23:31:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Sep 2022 23:31:38 GMT

GET
H2 200 masterbar.css
shepastaway.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/wc-calypso-bridge/store-on-wpcom/assets/css/ 728 B
505 B 176ms
175ms Stylesheet
text/css 192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/wc-calypso-bridge/store-on-wpcom/assets/css/masterbar.css?ver=1.9.3

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c5964852604fae6fb0997a80858f9f2ee0cb6159896741625306a3a9654d9f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 31 Aug 2022 15:22:56 GMT
server: nginx
etag: W/"630f7cd0-2d8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
date: Tue, 20 Sep 2022 23:31:38 GMT
x-ac: 2.hhn _atomic_ams
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
shepastaway.org/wp-includes/js/jquery/ 87 KB
31 KB 183ms
182ms Script
application/javascript 192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
date: Tue, 20 Sep 2022 23:31:38 GMT
x-ac: 2.hhn _atomic_ams
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
shepastaway.org/_static/ 14 KB
5 KB 179ms
177ms Script
application/javascript 192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js?m=1638896208

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

89c5314e12d29bf3bc413ae55b71d08b57919695674b14aed3c4ef8670ed2b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 07 Dec 2021 16:56:48 GMT
server: nginx
x-page-optimize: uncached
etag: W/"b8765a7782472af02a67683cabbb586f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Tue, 20 Sep 2022 23:31:38 GMT
x-ac: 2.hhn _atomic_ams
host-header: WordPress.com

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 177 KB
61 KB 94ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1918114966255733

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9164a9df326768d314927b7e8bb9d99c0e49a6cac4e45ee366f7c9c6abec952a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shepastaway.org/
Origin: https://shepastaway.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61607
x-xss-protection: 0
server: cafe
etag: 14001203960403844037
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 23:31:38 GMT

GET
H2 200 bilmur.min.js Show response
s0.wp.com/wp-content/js/ 6 KB
2 KB 31ms
7ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/bilmur.min.js?m=202238
Requested by: Host: shepastaway.org
URL: https://shepastaway.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 9e038ad8d6f4e0982fc74aa17e251982a487d9e7326ab37ae739d146236593b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 20 Sep 2022 23:31:38 GMT
content-encoding: br
server: nginx
etag: W/"6246db7c-16da"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 2.hhn _dca
timing-allow-origin: *
expires: Tue, 19 Sep 2023 00:00:00 GMT

GET
H2 200 / Show response
shepastaway.org/_static/ 33 KB
11 KB 335ms
334ms Script
application/javascript 192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/_static/??-eJydj8FOwzAMhl+I1EWIShwmzjwAZ5Q62eY0sUvsquztGV2ncYCJcfL/2/4/2fPoUNgiG4x52hErpGijxwHeiBH6iXIA4i0xWXSKVXI++0NTiJukd/OfKONeTHgtV6IofRYcFAKpQbo0nGcq3khuT2ba7a2Xj1+CswhKKbFiBK8aTb/S6X2K9eAWxESrbRb7+nLlgZ9p27qsBfAhOBOHvtrNkKTHRRkoHlVzUv8/5Nt4hTyXzX3XPbRPj23XfgKC9c2l

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b2221cde526f83af39e2e2728ddc7d34c5cf5f9414a2ede4b79f90173ff992d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 13 Sep 2022 18:51:00 GMT
server: nginx
x-page-optimize: uncached
etag: W/"61e134c64890a20bdd6ef2fae8d4743a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Tue, 20 Sep 2022 23:31:38 GMT
x-ac: 2.hhn _atomic_ams
host-header: WordPress.com

GET
H2 200 cart-fragments.min.js Show response
shepastaway.org/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 174ms
173ms Script
application/javascript 192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.3

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 23 Nov 2021 22:30:14 GMT
server: nginx
etag: W/"619d6b76-b7a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
date: Tue, 20 Sep 2022 23:31:38 GMT
x-ac: 2.hhn _atomic_ams
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
shepastaway.org/_static/ 271 KB
74 KB 188ms
188ms Script
application/javascript 192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/_static/??-eJytUVtOxDAMvBDZLAIq8YE4yspN3dYliaPYabWcnhS6oggQWokvSzPOPJwlGcdRMapNvgwUxS7MjkPA7NAkOCfw6wh1RWzgrngUm5JLpi2qHC2IYKUmsR/AYZKb5btsAPJupJBMz9nsTGwqrSe3CnzufAnxzh8C/SY9oSZwL/ZE0dUQ5DvrIHMR9BfOXIAfZHTEUDuJcsY+V3BXKcJMAyjVWn/7b/M0Y+w4WyjKAVTXblsKD69nQwGG6teRqKWqlAXd6mC4Fcwz5v+32QFXlN9/0ojQYV7PqFeesGeuHbdHz+Hptmnujo/Hh+b+DWls9Qc=

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ccf4118f763cff85f98f427e100914df47d44b6a0f2e8d49c64e4274fa7a456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 13 Sep 2022 17:36:04 GMT
server: nginx
x-page-optimize: uncached
etag: W/"2424bfd5797c77af5451100eec58a6d8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Tue, 20 Sep 2022 23:31:38 GMT
x-ac: 2.hhn _atomic_ams
host-header: WordPress.com

GET
H2 200 e-202238.js Show response
stats.wp.com/ 9 KB
3 KB 30ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202238.js
Requested by: Host: shepastaway.org
URL: https://shepastaway.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn
date: Tue, 20 Sep 2022 23:31:39 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 21:05:18 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
634 B 62ms
26ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Domine:r,i,b,bi%7CEB+Garamond:r&subset=latin,latin-ext,latin,latin-ext

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b956e819f28b97a44d99d603e01f7af11865c79143cc521eeaf326bcde8302a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 23:31:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 20 Sep 2022 23:31:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Sep 2022 23:31:38 GMT

GET
H2 200 L0x8DFMnlVwD4h3hu_qn.woff2
fonts.gstatic.com/s/domine/v19/ 27 KB
28 KB 59ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/domine/v19/L0x8DFMnlVwD4h3hu_qn.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Domine:r,i,b,bi%7CEB+Garamond:r&subset=latin,latin-ext,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fbcf6cd136ae3bfc98aecbbc0f0b1f348c05d96390d63a89cdc323a6dda70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shepastaway.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 04:24:08 GMT
x-content-type-options: nosniff
age: 155250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27624
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:06:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 04:24:08 GMT

GET
H2 200 SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
fonts.gstatic.com/s/ebgaramond/v26/ 20 KB
20 KB 74ms
28ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v26/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Domine:r,i,b,bi%7CEB+Garamond:r&subset=latin,latin-ext,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

142d7e873b9d8d550b53e6e55bac7a11ed1f2c0aa5e2d49966cde5ce3c00faec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shepastaway.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 23:06:18 GMT
x-content-type-options: nosniff
age: 87920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20512
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:16:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 23:06:18 GMT

GET
H2 200 sw.js Show response
analytics.sitewit.com/v3/67591910/ 20 KB
21 KB 352ms
93ms Script
text/javascript 2600:1f18:243f:2d00:7fb0:8f4d:7c18:1ddf
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.sitewit.com/v3/67591910/sw.js
Requested by: Host: shepastaway.org
URL: https://shepastaway.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d00:7fb0:8f4d:7c18:1ddf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebbabd1c9e58528c02c1b51ffe29a4995f208d065840206f4e5ef6ef76087ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:39 GMT
cache-control: private,no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/javascript; charset=utf-8
content-length: 20640
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: e49AyxX4Ho24GGTxC9O5NfZc7O11hoClrO/Tlu07fJUhLaWH87peu79vVycVyrVgoVVAt3tjBoMYbRVroAkR/Q==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 20 Sep 2022 23:31:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 69ms
23ms Script
text/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6035
date: Tue, 20 Sep 2022 21:51:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 20 Sep 2022 23:51:04 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 41ms
13ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=4.1.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shepastaway.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 533117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:26:22 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 73ms
44ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1918114966255733&plah=shepastaway.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1918114966255733

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b7648f196516186e81f7018f420992e92cda2acc994e50ab669492380a5999c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124742
x-xss-protection: 0
server: cafe
etag: 15069143614511573104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 23:31:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/ Frame 400C 10 KB
5 KB 57ms
13ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1918114966255733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shepastaway.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 20:11:20 GMT
etag: 9671129459699598864
expires: Tue, 04 Oct 2022 20:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fa-solid-900.woff2
shepastaway.org/wp-content/themes/storefront/assets/fonts/ 78 KB
78 KB 700ms
699ms Font
application/font-woff2 192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/wp-content/themes/storefront/assets/fonts/fa-solid-900.woff2

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/_static/??-eJydVEGO2zAM/FC1yqJogB6KXhboA/oCWWIcbmRREKl1/fvKsZ11HNh1czMpznBIjdxGZSkIBNHR5xoD63eQaOxFN+SyB9YYThhQQLFN5P0Udy+W+Uv7iK9zCStIta4yeqcrT/aiPFbJpE6zdB6eg8oZmlWoNx1lUXVCd98Dg/XZlTneWTfg0IAvNAU5D2KBQ1IeamO7lwbDP9HlbB7PMUtpLZGlpoFkQfebNTXcJdV1TB5nbu0Yqw8IjhKrzZU9S75JamlEOWQZ1qmmnHpdoq73wqWMEpxSSWrDDFJouPQ1DJ/3OnZfMjRZ3eaJRTmf9TC8NlmoMSJotcAfGXauWnQ1yDDD0GbM9DV7zVX6RAqlgrdNeVvGzQtvEIs6CBZL8IvejHOd/j2IGbi9EeBVJcsXZk2izOA1txiLDasc3LqeVfR4oKbEXgJBD07VxnvoX9l6tJfQ4wVWlvrolZ1lS0thKX3w0SZsUrn4nz3FMdjtof/aQsZyzWTReHXVfhf8l4j5k599r4n5JFEnIun9ZdKcb9P9M/SZGojl/3KtMba8P7CCFJ7higkthlqJqfoFPcGQ4AOh3Q+d7mR2jX3pz+bH6/H49fD92+F4+Aucu7o3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shepastaway.org/_static/??-eJydVEGO2zAM/FC1yqJogB6KXhboA/oCWWIcbmRREKl1/fvKsZ11HNh1czMpznBIjdxGZSkIBNHR5xoD63eQaOxFN+SyB9YYThhQQLFN5P0Udy+W+Uv7iK9zCStIta4yeqcrT/aiPFbJpE6zdB6eg8oZmlWoNx1lUXVCd98Dg/XZlTneWTfg0IAvNAU5D2KBQ1IeamO7lwbDP9HlbB7PMUtpLZGlpoFkQfebNTXcJdV1TB5nbu0Yqw8IjhKrzZU9S75JamlEOWQZ1qmmnHpdoq73wqWMEpxSSWrDDFJouPQ1DJ/3OnZfMjRZ3eaJRTmf9TC8NlmoMSJotcAfGXauWnQ1yDDD0GbM9DV7zVX6RAqlgrdNeVvGzQtvEIs6CBZL8IvejHOd/j2IGbi9EeBVJcsXZk2izOA1txiLDasc3LqeVfR4oKbEXgJBD07VxnvoX9l6tJfQ4wVWlvrolZ1lS0thKX3w0SZsUrn4nz3FMdjtof/aQsZyzWTReHXVfhf8l4j5k599r4n5JFEnIun9ZdKcb9P9M/SZGojl/3KtMba8P7CCFJ7higkthlqJqfoFPcGQ4AOh3Q+d7mR2jX3pz+bH6/H49fD92+F4+Aucu7o3
Origin: https://shepastaway.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Tue, 15 Dec 2020 22:33:38 GMT
server: nginx
etag: "5fd939c2-13654"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 79444
expires: Tue, 27 Sep 2022 23:31:39 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=4.1.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shepastaway.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 533117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:26:22 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=4.1.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shepastaway.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 08:45:28 GMT
x-content-type-options: nosniff
age: 53171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 08:45:28 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK d22495a98bba93186b25e26d8.js Show response
chimpstatic.com/mcjs-connected/js/users/312a7deeddf0cb0a5ca23b533/ 2 KB
1 KB 353ms
144ms Script
application/javascript 92.123.22.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/312a7deeddf0cb0a5ca23b533/d22495a98bba93186b25e26d8.js
Requested by: Host: shepastaway.org
URL: https://shepastaway.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.22.86 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-22-86.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 115, 106, 420
Date: Tue, 20 Sep 2022 23:31:39 GMT
Content-Encoding: gzip
x-amz-request-id: ZPPFPSDZ9JCPR7YE
X-EdgeConnect-MidMile-RTT: 10, 10, 10
Connection: keep-alive
Content-Length: 653
x-amz-id-2: 7U358vPHwEQ1jn/cn/wuZtYTRNO5GgYGyHsY1Q6zP+AN3u1ncyvnkpewNHJXUw54AJzX/8MSwPE=
Last-Modified: Fri, 02 Oct 2020 12:55:36 GMT
Server: AmazonS3
ETag: "4b60d3ea13c42468679685c32a1680ac"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1794
Accept-Ranges: bytes
Expires: Wed, 21 Sep 2022 00:01:33 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=4.1.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shepastaway.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 53157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 08:45:42 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 19ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.83

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: R+wUXhFpPWgGXoVBSOQQG74bkGFBJf4eqhHR+bikg7ce158Iij3oCFZg7vyuxds5wBSw02HgfiY+/89oklWV8g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 20 Sep 2022 23:31:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 311878493581685 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 64ms
53ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/311878493581685?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1bc09cb344cf7f57e07951403ee40970dc4f93d6e514d3a3da0973892022e126

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: WUEjLtn4VXtU0AIbVQy1hwkPAXbMWNvFNm9Jp7RzIuhzwcxiksVpTl0+3wE8H/mCwWz8n7FEwhHXDXS26reiEg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 20 Sep 2022 23:31:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 49ms
21ms Image
image/gif 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=31097422&utmhn=shepastaway.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=She%20Past%20Away%20Official%20Website&utmhid=972865186&utmr=-&utmp=%2F&utmht=1663716699644&utmac=UA-171453016-1&utmcc=__utma%3D124838984.1096413903.1663716700.1663716700.1663716700.1%3B%2B__utmz%3D124838984.1663716700.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=523495364&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 23:31:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 20ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A11.4-a.3&blog=138564885&post=0&tz=2&srv=shepastaway.org&hp=atomic&ac=2&amp=0&host=shepastaway.org&ref=&fcp=1692&rand=0.9858363576005362
Requested by: Host: shepastaway.org
URL: https://shepastaway.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Sep 2022 23:31:39 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 js Show response
www.paypal.com/sdk/ 315 KB
95 KB 117ms
12ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=ATW5IwJePXMzO2aU3R5M1F6kX2S2_L6G5Bx4QSVhy9bbAOL-KajsjqHQggx_f-y86mEl2EcqLLhcal60&currency=EUR&integration-date=2022-04-13&components=buttons,funding-eligibility&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater

Requested by

Host:
URL: webpack-internal:///536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

abd4997d93fafd773489552f39b8dca9e995cca6748c4a66f98c6def1eb41f2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-X4IjQrWK+u1gt0H1l/cqit8kj2J9BxAV7xZO8NeDu6i3hcHo' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-X4IjQrWK+u1gt0H1l/cqit8kj2J9BxAV7xZO8NeDu6i3hcHo' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-X4IjQrWK+u1gt0H1l/cqit8kj2J9BxAV7xZO8NeDu6i3hcHo' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-X4IjQrWK+u1gt0H1l/cqit8kj2J9BxAV7xZO8NeDu6i3hcHo' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 9573
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f2095960493aa
server-timing: "traceparent;desc="00-0000000000000000000f2095960493aa-b9a0a3fb1774c03e-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 95656
x-xss-protection: 1; mode=block
x-served-by: cache-hhn11537-HHN, cache-fra19121-FRA
traceparent: 00-0000000000000000000f2095960493aa-7f0e3a7e8e3b9c8b-01
x-timer: S1663716700.761407,VS0,VE5
x-frame-options: SAMEORIGIN
date: Tue, 20 Sep 2022 23:31:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"175a8-lNS432vfnYzlp5BxF97/YUvIwPg"
accept-ranges: bytes
x-cache-hits: 2, 0

POST
H2 200 / Show response
shepastaway.org/ 712 B
520 B 415ms
414ms XHR
application/json 192.0.78.223
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://shepastaway.org/?wc-ajax=get_refreshed_fragments

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.223 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a5a158f829228bea657cbf364dccde690f3379634e78a26a0a2bed4e8f08362d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://shepastaway.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
server: nginx
date: Tue, 20 Sep 2022 23:31:40 GMT
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://shepastaway.org
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 2.hhn _atomic_ams
host-header: WordPress.com
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 PLV22-SHE-PAST-AWAY-SQ.jpg
i0.wp.com/shepastaway.org/wp-content/uploads/2022/04/ 110 KB
111 KB 29ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/shepastaway.org/wp-content/uploads/2022/04/PLV22-SHE-PAST-AWAY-SQ.jpg?resize=1024%2C1024&ssl=1

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b1d86b993110ded35954e97c656b62777a70fcf01f86946336fc81615283e7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 20 Sep 2022 23:31:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 10 Apr 2022 18:58:29 GMT
server: nginx
etag: "411b4610c3824120"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://shepastaway.org/wp-content/uploads/2022/04/PLV22-SHE-PAST-AWAY-SQ.jpg>; rel="canonical"
content-length: 113116
expires: Wed, 10 Apr 2024 06:58:29 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
412 B 23ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=shepastaway.org&callback=_gfp_s_&client=ca-pub-1918114966255733

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1918114966255733&plah=shepastaway.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43d93e46a9f2b2dfdd277a06c47db078675b8f43b7f09592dd5e92051af20621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 87ms
25ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=shepastaway.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 23:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 81ms
23ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shepastaway.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 23:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC5B 603 B
68 B 63ms
34ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1918114966255733&output=html&adk=1812271804&adf=3025194257&lmt=1663716699&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshepastaway.org%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663716699530&bpp=4&bdt=1109&idt=157&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7870592613627&frm=20&pv=2&ga_vid=1096413903.1663716700&ga_sid=1663716700&ga_hid=972865186&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069632%2C44760911%2C31067826%2C31068919&oid=2&pvsid=464925742384568&tmod=474309934&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=172

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shepastaway.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 23:31:39 GMT
expires: Tue, 20 Sep 2022 23:31:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 26ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=311878493581685&ev=PageView&dl=https%3A%2F%2Fshepastaway.org%2F&rl=&if=false&ts=1663716699715&cd[source]=woocommerce&cd[version]=6.9.3&cd[pluginVersion]=2.6.23&sw=1600&sh=1200&v=2.9.83&r=stable&a=woocommerce-6.9.3-2.6.23&ec=0&o=30&fbp=fb.1.1663716699714.1376142629&it=1663716699600&coo=false&rqm=GET

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 20 Sep 2022 23:31:39 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
6 KB 13ms
13ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=shepastaway.org&t=xo&v=5.0.332&source=payments_sdk&client_id=ATW5IwJePXMzO2aU3R5M1F6kX2S2_L6G5Bx4QSVhy9bbAOL-KajsjqHQggx_f-y86mEl2EcqLLhcal60&comp=buttons,funding-eligibility&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATW5IwJePXMzO2aU3R5M1F6kX2S2_L6G5Bx4QSVhy9bbAOL-KajsjqHQggx_f-y86mEl2EcqLLhcal60&currency=EUR&integration-date=2022-04-13&components=buttons,funding-eligibility&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c4f40123c25abfe4f929546051cd32136b286e01ff2430f40c1741afdd3b24a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-gLNPK5hQ5WXNBr+8IonB2MpDH5bNTcQwiqBy541nJ2c8tPCo' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-gLNPK5hQ5WXNBr+8IonB2MpDH5bNTcQwiqBy541nJ2c8tPCo' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 127280
x-cache: HIT, HIT
paypal-debug-id: f608666eda4c5
server-timing: "traceparent;desc="00-0000000000000000000f608666eda4c5-f2cc928b3975a85e-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4761
x-xss-protection: 1; mode=block
x-served-by: cache-hhn11577-HHN, cache-fra19121-FRA
traceparent: 00-0000000000000000000f608666eda4c5-696f092f8aeb702c-01
x-timer: S1663716700.805602,VS0,VE3
x-frame-options: SAMEORIGIN
date: Tue, 20 Sep 2022 23:31:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
etag: W/"3552-GGVf0exzEd6TsuA9U2SAvMAl0PM"
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 70ms
7ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=shepastaway.org&t=xo&v=5.0.332&source=payments_sdk&client_id=ATW5IwJePXMzO2aU3R5M1F6kX2S2_L6G5Bx4QSVhy9bbAOL-KajsjqHQggx_f-y86mEl2EcqLLhcal60&comp=buttons,funding-eligibility&vault=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 84840867de170
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 16464
x-served-by: cache-sjc10051-SJC, cache-fra19165-FRA
last-modified: Tue, 03 May 2022 17:28:29 GMT
x-timer: S1663716700.881145,VS0,VE0
etag: W/"6271663d-da91"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1, 123772

GET
H2 200 ts
t.paypal.com/ 42 B
839 B 259ms
169ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AFMX92MCLR9Y26-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AFMX92MCLR9Y26-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=922d538d-8871-4ce8-8ff4-8c9e408c9f10&fltp=analytics&mrid=FMX92MCLR9Y26&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=She%20Past%20Away%20Official%20Website&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1663716699816&g=0&completeurl=https%3A%2F%2Fshepastaway.org%2F

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:40 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: ecfc1a2591c7f
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4029-HHN, cache-fra19128-FRA
pragma: no-cache
traceparent: 00-0000000000000000000ecfc1a2591c7f-5fe82771e554deac-01
x-timer: S1663716700.909196,VS0,VE162
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 23:31:39 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 05DD 54 KB
17 KB 7ms
7ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://shepastaway.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Tue, 20 Sep 2022 23:31:39 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6271663d-d994"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 50b39f10d2761
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 13, 133975
x-content-type-options: nosniff
x-served-by: cache-sjc10023-SJC, cache-fra19165-FRA
x-timer: S1663716700.898836,VS0,VE0

GET
H2 200 ts
t.paypal.com/ 42 B
511 B 168ms
168ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AFMX92MCLR9Y26-1&page=muse%3Aoffer%3A%3A%3AFMX92MCLR9Y26-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=922d538d-8871-4ce8-8ff4-8c9e408c9f10&es=visitorInfoFlowStarted&mrid=FMX92MCLR9Y26&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=She%20Past%20Away%20Official%20Website&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1663716699931&g=0&completeurl=https%3A%2F%2Fshepastaway.org%2F

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:40 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 9b5640b9b426f
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn11554-HHN, cache-fra19128-FRA
pragma: no-cache
traceparent: 00-00000000000000000009b5640b9b426f-caf8238827aa0c98-01
x-timer: S1663716700.934947,VS0,VE161
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 23:31:40 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 05DD 435 B
2 KB 273ms
272ms Fetch
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d74a7d9d8287f93f01eea4806dd935f0cb3ac5f73695516a9b972d459b1854bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-YHTIAj03LhPmHqus2tpCF2ULUe0wIv7vXGtn6ozulwe/wFrQ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-YHTIAj03LhPmHqus2tpCF2ULUe0wIv7vXGtn6ozulwe/wFrQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
x-cache: MISS, MISS
paypal-debug-id: f1323458dc073
date: Tue, 20 Sep 2022 23:31:40 GMT
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4049-HHN, cache-fra19121-FRA
traceparent: 00-0000000000000000000f1323458dc073-5bd5ff13ae0f3aa6-01
x-timer: S1663716700.141505,VS0,VE263
x-frame-options: SAMEORIGIN
etag: W/W/"1b3-iEu0lgXp0XDjTRlQ7fVIQrvx78U"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 200ms
186ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 20 Sep 2022 23:31:40 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f1323454e4ce5
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f1323454e4ce5-54af74ca5383a5ee-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-hhn4021-HHN, cache-fra19162-FRA
x-timer: S1663716700.955456,VS0,VE176

GET
H2 200 sw_connect.js Show response
connect.sitewit.com/js/67591910/ 23 B
646 B 333ms
96ms Script
text/javascript 3.234.29.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.sitewit.com/js/67591910/sw_connect.js?&ns=sw
Requested by: Host: analytics.sitewit.com
URL: https://analytics.sitewit.com/v3/67591910/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.29.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-29-110.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: c71b243fedf9d5386f4b0d649991e7612c2f6405b13ffad130553f05b692f194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:40 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/javascript; charset=utf-8
content-length: 23
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"

GET
H2 200 cq_blank.gif
analytics.sitewit.com/images/ 35 B
625 B 96ms
96ms Image
image/gif 2600:1f18:243f:2d00:7fb0:8f4d:7c18:1ddf
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.sitewit.com/images/cq_blank.gif?_sw_id=67591910&_sw_uid=40958579-4f2a-4358-b7b9-6412e67dfaea&_sw_fp=9a2e9789b26d33e837ab5805cceb71ee30e0f0c3&_sw_pl=306&_sw_pc=3&_sw_dat=MXxzaGVwYXN0YXdheS5vcmd8aHR0cHM6Ly9zaGVwYXN0YXdheS5vcmcvfGVuLVVTfDE2MDB8MTIwMHwyNHxDaHJvbWUvMTA1LjAuNTE5NS4xMjV8eDY0fDF8MHwxfDB8LXx8LXwtfC18MmEwMDpjOTg6MjAzMDphMDA0OjE6OjV8MA==&to=942
Requested by: Host: shepastaway.org
URL: https://shepastaway.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d00:7fb0:8f4d:7c18:1ddf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:39 GMT
last-modified: Thu, 24 Jun 2010 20:21:15 GMT
server: Microsoft-IIS/10.0
etag: "9f8deacbda13cb1:0"
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 35

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 24ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=311878493581685&ev=Microdata&dl=https%3A%2F%2Fshepastaway.org%2F&rl=&if=false&ts=1663716700223&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22She%20Past%20Away%20Official%20Website%22%2C%22meta%3Adescription%22%3A%22She%20Past%20Away%20is%20dark-wave%20with%20a%20reworked%2080%27s%20sound.%20Signature%20guitar%20sound%20of%20the%20post-punk%20era%2C%20combined%20with%20minimalist%20poetry%20in%20Turkish.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22She%20Past%20Away%20Official%20Website%22%2C%22og%3Adescription%22%3A%22She%20Past%20Away%20is%20dark-wave%20with%20a%20reworked%2080%27s%20sound.%20Signature%20guitar%20sound%20of%20the%20post-punk%20era%2C%20combined%20with%20minimalist%20poetry%20in%20Turkish.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fshepastaway.org%2F%22%2C%22og%3Asite_name%22%3A%22She%20Past%20Away%20Official%20Website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fi0.wp.com%2Fshepastaway.org%2Fwp-content%2Fuploads%2F2020%2F03%2Fcropped-logo.jpg%3Ffit%3D512%252C512%26ssl%3D1%22%2C%22og%3Aimage%3Awidth%22%3A%22512%22%2C%22og%3Aimage%3Aheight%22%3A%22512%22%2C%22og%3Aimage%3Aalt%22%3A%22%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FImageGallery%22%7D%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%2F%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22name%22%3A%22Home%22%2C%22%40id%22%3A%22https%3A%2F%2Fshepastaway.org%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.83&r=stable&a=woocommerce-6.9.3-2.6.23&ec=1&o=30&fbp=fb.1.1663716699714.1376142629&it=1663716699600&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: shepastaway.org
URL: https://shepastaway.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 20 Sep 2022 23:31:40 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 83ms
31ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220915&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c08d077d4627d329b96b6d210c4dceb09fc59a7a19f3258661b32ce3815ae6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 23:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11175
x-xss-protection: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1014 B
2 KB 183ms
182ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f0beac0bfc407474e3dc3637130ca1e00bfb4bd70865361fc4f062b32090c87f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://shepastaway.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: application/json

Response headers

date: Tue, 20 Sep 2022 23:31:40 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f944544ceacb4
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn11580-HHN, cache-fra19162-FRA
traceparent: 00-0000000000000000000f944544ceacb4-d22ccfe7021457e8-01
x-timer: S1663716701.541173,VS0,VE175
etag: W/W/"3f6-0CKhcFQ47Q9h5PmHyDzx4ogEMeM"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shepastaway.org
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 176ms
176ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shepastaway.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://shepastaway.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 20 Sep 2022 23:31:40 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f132345a9e9dc
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f132345a9e9dc-1068e143710e03fb-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-hhn4024-HHN, cache-fra19162-FRA
x-timer: S1663716700.363246,VS0,VE169

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 96ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 23:31:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A404 13 KB
5 KB 48ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shepastaway.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 19:11:02 GMT
expires: Wed, 20 Sep 2023 19:11:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 47EC 783 B
1 KB 72ms
24ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8cf9cd7432439c3fc015d4b1f767ba66bb1d59b413c44a507b7357219c9946c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XYQRqb0AFy93bi6O9JUQrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shepastaway.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-XYQRqb0AFy93bi6O9JUQrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 23:31:40 GMT
expires: Tue, 20 Sep 2022 23:31:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame A404 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 47EC 0
0 48ms
47ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220915&jk=464925742384568&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A404 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cjgZtA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 23:31:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
50ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220915&jk=464925742384568&bg=!SkmlSQ3NAAZqQh0mSkI7ACkAdvg8Wo48mklqese5T7zKIP1ZWFw0jCCz22LRp9F2AhHBenC7uy3lbgIAAABMUgAAAAhoAQeZAq6CmE5OcdpH2DFB_F6k16xS6qSRYvDMigfZkp9qbg1IsI3IbZTcBIv5vbgP5EIJ255w6I_FhCagxwX2DwrJMENecYxug7ZcXW3Gu4RL9EzByp8zSJi0Zv-dxfupgRQzSMLXLh1-DA1sDOyVhHUuOAVWyTlOOvpUfahulIYZ95iy10IPaAETu79YQgbAejNpjabLLmZFh2oCjWMCrGyZOCZIFFpfKB_IciSBeT7dP6JQB62gDQuD-1wdHdnat7qrXOUv-YEnuKAVrOXMgQG5RlvjMfs5TELKIB80qBnERl3nFjPe5S3VEIHl6R6sAjje8bQcausD6qK2boIjZ4wpJ0DG3OpfApKLPb_a1fUqrZYCc9W9fOKAils9l0c91t9BLdtSHGlmuEpXT29zVLy9XB4Cxu5530v6Kywh_soxpYleTjZM4fNSAHEzEYwWz2vyRw3mdA1FfivQpPLhVsgcWkU28tt2WUK-ihliMB_qErAXdm2wC9yxtVX6azVPypTpOinI4r4VzaSFqwpv2_V8zlU_lXslPPNAiTc-gkRPhiNQmefTknt5MRaIHOP14LUAUnb1lskaE823H4CLcApgUKXViHjEtxx02wv0t1KYGAnLrFrMhHMPj4QEEiHcpoK_YKvlA4B6MfDQi2Z82KGsRqsHUjVtdeRHOVIiVifOc230-9agzIaNXIpAchvwNkicX_YIbLvvnjAeGBTuHh1rBOvKGJdmGaFhPB-AiUVsMMlkByVadWNLt3nPC6Cptbu2eVHfcDrq_ddsrS0y6KzvtWq9pyEi_ghr4xpKPktrwudNAW0rOUxAzj_hLDzIH85V9jQJ7ZijigIG585sfWCOPrNfFHcXi27JA5ujuzylQZGIFxnZGR0ad1dV_Zb6BCKhHZY3FjyIXeqdZqLER3SYsA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 204 boom.gif
pixel.wp.com/ 0
37 B 7ms
6ms Image
text/plain 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0&largest_contentful_paint=1860&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&host_name=shepastaway.org&url_path=%2F&nt_fetchStart=30&nt_domainLookupStart=30&nt_domainLookupEnd=30&nt_connectStart=30&nt_connectEnd=46&nt_secureConnectionStart=35&nt_requestStart=46&nt_responseStart=535&nt_responseEnd=614&nt_domLoading=544&nt_domInteractive=1771&nt_domContentLoadedEventStart=1772&nt_domContentLoadedEventEnd=1777&nt_domComplete=2426&nt_loadEventStart=2426&nt_loadEventEnd=2433&nt_redirectCount=0&nt_api_level=2&start_render=1641&first_contentful_paint=1692&resource_size=1958090&resource_transferred=498100&js_size=636325&js_transferred=200951&resource_cache_percent=0&js_cache_percent=0&last_resource_end=3392
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shepastaway.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Sep 2022 23:31:43 GMT
cache-control: no-cache
server: nginx

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
shepastaway.org/	1970-01-20 06:48:55	Name: mailchimp_landing_site Value: https%3A%2F%2Fshepastaway.org%2F
.shepastaway.org/	1970-01-20 15:44:36	Name: __utma Value: 124838984.1096413903.1663716700.1663716700.1663716700.1
.shepastaway.org/	1969-12-31 23:59:59	Name: __utmc Value: 124838984
.shepastaway.org/	1970-01-20 10:31:24	Name: __utmz Value: 124838984.1663716700.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.shepastaway.org/	1970-01-20 06:08:37	Name: __utmt Value: 1
.shepastaway.org/	1970-01-20 06:08:38	Name: __utmb Value: 124838984.1.10.1663716700
.shepastaway.org/	1970-01-20 08:18:12	Name: _fbp Value: fb.1.1663716699714.1376142629
.shepastaway.org/	1970-01-20 15:30:12	Name: __gads Value: ID=5cf04b1b57266751-2274962529ce00b7:T=1663716699:RT=1663716699:S=ALNI_MYlAvH8P-dbKkcCC9tagXUn4r7edQ
.doubleclick.net/	1970-01-20 06:08:37	Name: test_cookie Value: CheckForPermission
.shepastaway.org/	1970-01-20 15:44:36	Name: _swa_u Value: 40958579-4f2a-4358-b7b9-6412e67dfaea
analytics.sitewit.com/	1970-01-20 06:18:41	Name: AWSALBCORS Value: gLMCk77BtsuS+g0zPKCHa9N4PNXlNeXdTKcEVtlhl6gfZlSHEMVUMErOpJSOucMTdf5lXiMVIcupoCZ/OfCGxqju/p97T6mvscbaAXW9+YJeAX6pPJMdIRqWcHK0
.paypal.com/	1970-01-20 15:44:36	Name: ts_c Value: vr%3D5d3e2f761830a57030b22f19ffffffff%26vt%3D5d3e2f761830a57030b22f19fffffffe
connect.sitewit.com/	1970-01-20 06:18:41	Name: AWSALBCORS Value: T5g7bzdnUJFaFZvR1JSk21J+HtwBzjRD2bMmbPd4AGGGSKV84jrmG/LASp6GmRKpQK/pSWqfbQ7CZWpYDaY+GPGlU5JdCHtwifquOCPpW4oiDy85yTJgZt23ZnK7
.paypal.com/	1970-01-20 14:54:12	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 06:09:08	Name: LANG Value: de_DE%3BDE
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY2MzcxNjcwMDMxNCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 06:12:55	Name: tsrce Value: targetingnodeweb
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AKQkAFb-yB2Z45eFqmzrrdxx6IZMfLhO_.0pKE1dWSu6Z3br%2BkwvTK%2FyrwuwVrXQMXxBUVXuZRrHA
.paypal.com/	1970-01-20 06:08:38	Name: l7_az Value: dcg13.slc
.paypal.com/	1970-01-20 15:44:36	Name: ts Value: vreXpYrS%3D1758411100%26vteXpYrS%3D1663718500%26vr%3D5d3e2f761830a57030b22f19ffffffff%26vt%3D5d3e2f761830a57030b22f19fffffffe%26vtyp%3D
.paypalobjects.com/	1970-01-20 06:10:03	Name: paypal-offers--cust Value: null:null:null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
analytics.sitewit.com
chimpstatic.com
connect.facebook.net
connect.sitewit.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
s0.wp.com
shepastaway.org
ssl.google-analytics.com
stats.wp.com
t.paypal.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.paypal.com
www.paypalobjects.com
151.101.1.35
151.101.65.21
151.101.66.133
192.0.76.3
192.0.77.2
192.0.77.32
192.0.78.223
2600:1f18:243f:2d00:7fb0:8f4d:7c18:1ddf
2a00:1450:4001:802::2002
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2002
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.234.29.110
92.123.22.86
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02fbcf6cd136ae3bfc98aecbbc0f0b1f348c05d96390d63a89cdc323a6dda70c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
142d7e873b9d8d550b53e6e55bac7a11ed1f2c0aa5e2d49966cde5ce3c00faec
1bc09cb344cf7f57e07951403ee40970dc4f93d6e514d3a3da0973892022e126
208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
43d93e46a9f2b2dfdd277a06c47db078675b8f43b7f09592dd5e92051af20621
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
67a3488875985a3f9c8afc4290b59661156f47b9be0df5d150129243e161c151
6b7648f196516186e81f7018f420992e92cda2acc994e50ab669492380a5999c
6ccf4118f763cff85f98f427e100914df47d44b6a0f2e8d49c64e4274fa7a456
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
87887bb3cd1a17bee83330437e5f626de9e37161093db1c442b54193f76b66c1
89c5314e12d29bf3bc413ae55b71d08b57919695674b14aed3c4ef8670ed2b2a
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8cf9cd7432439c3fc015d4b1f767ba66bb1d59b413c44a507b7357219c9946c1
9164a9df326768d314927b7e8bb9d99c0e49a6cac4e45ee366f7c9c6abec952a
9b956e819f28b97a44d99d603e01f7af11865c79143cc521eeaf326bcde8302a
9e038ad8d6f4e0982fc74aa17e251982a487d9e7326ab37ae739d146236593b3
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe
a3c9ffafe89199c7863aa836c96d530976ab318eaef1182730eb15cfb1d6f57c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a158f829228bea657cbf364dccde690f3379634e78a26a0a2bed4e8f08362d
abd4997d93fafd773489552f39b8dca9e995cca6748c4a66f98c6def1eb41f2e
b1d86b993110ded35954e97c656b62777a70fcf01f86946336fc81615283e7a4
b2221cde526f83af39e2e2728ddc7d34c5cf5f9414a2ede4b79f90173ff992d4
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c08d077d4627d329b96b6d210c4dceb09fc59a7a19f3258661b32ce3815ae6bc
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c4f40123c25abfe4f929546051cd32136b286e01ff2430f40c1741afdd3b24a4
c5964852604fae6fb0997a80858f9f2ee0cb6159896741625306a3a9654d9f78
c71b243fedf9d5386f4b0d649991e7612c2f6405b13ffad130553f05b692f194
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d74a7d9d8287f93f01eea4806dd935f0cb3ac5f73695516a9b972d459b1854bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebbabd1c9e58528c02c1b51ffe29a4995f208d065840206f4e5ef6ef76087ebb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0beac0bfc407474e3dc3637130ca1e00bfb4bd70865361fc4f062b32090c87f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

shepastaway.org Open in urlscan Pro 192.0.78.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

57 %IPv6

16 Domains

23 Subdomains

22 IPs

3 Countries

1194 kBTransfer

3646 kBSize

21 Cookies

12 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shepastaway.org Open in urlscan Pro
192.0.78.223 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

57 %
IPv6

16
Domains

23
Subdomains

22
IPs

3
Countries

1194 kB
Transfer

3646 kB
Size

21
Cookies

62 HTTP transactions
1 data transactions