www.wexl.org Open in urlscan Pro
198.185.159.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u14608870.ct.sendgrid.net/ls/click?upn=BgVxgPTVr8k9UxUOWvlfqm8S2-2F6BH9yzWYUKj9Y4JjszYWFEr9p8ObGgLQ-2Fgy4GqnWL0_xAaQ0fENsH...
Effective URL:
https://www.wexl.org/tynomite
Submission: On April 27 via api (April 27th 2022, 9:41:36 pm UTC) from US — Scanned from DE

Summary HTTP 164 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 44 domains to perform 164 HTTP transactions. The main IP is 198.185.159.144, located in United States and belongs to SQUARESPACE, US. The main domain is www.wexl.org.
TLS certificate: Issued by R3 on April 7th 2022. Valid for: 3 months.

This is the only time www.wexl.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.122 167.89.123.122	11377 (SENDGRID) (SENDGRID)
7	198.185.159.144 198.185.159.144	53831 (SQUARESPACE) (SQUARESPACE)
7	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dd1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
12	151.101.64.237 151.101.64.237	54113 (FASTLY) (FASTLY)
5	151.101.192.238 151.101.192.238	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.128.238 151.101.128.238	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 24	13.32.21.51 13.32.21.51	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dc9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
4	44.231.106.81 44.231.106.81	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	178.250.2.140 178.250.2.140	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.211.18.45 52.211.18.45	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.223 64.202.112.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	3.121.19.101 3.121.19.101	16509 (AMAZON-02) (AMAZON-02)
1	52.210.228.8 52.210.228.8	16509 (AMAZON-02) (AMAZON-02)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
1	3.120.83.85 3.120.83.85	16509 (AMAZON-02) (AMAZON-02)
1 2	54.78.175.206 54.78.175.206	16509 (AMAZON-02) (AMAZON-02)
2 2	18.209.3.188 18.209.3.188	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:5b76:7408:bdd4:1592	14618 (AMAZON-AES) (AMAZON-AES)
1	52.9.210.200 52.9.210.200	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:cf98:6d7b:6943:bef0	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	3.64.24.144 3.64.24.144	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
164	55

1 167.89.123.122 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net

u14608870.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 198.185.159.144 (United States)

ASN53831 (SQUARESPACE, US)

www.wexl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:7::17d8:4dd1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.64.237 (United States)

ASN54113 (FASTLY, US)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.238 (United States)

ASN54113 (FASTLY, US)

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.238 (United States)

ASN54113 (FASTLY, US)

images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 13.32.21.51 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-51.fra56.r.cloudfront.net

www.gofundme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dc9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.231.106.81 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-106-81.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.140 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.18.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-18-45.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.223 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.145 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.52 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.19.101 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-19-101.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.228.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-228-8.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.83.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-83-85.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.175.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-175-206.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.209.3.188 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-3-188.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:5b76:7408:bdd4:1592 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.9.210.200 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-210-200.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:cf98:6d7b:6943:bef0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.24.144 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-24-144.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	gofundme.com 1 redirects www.gofundme.com — Cisco Umbrella Rank: 28413	1 MB
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	1 MB
17	squarespace.com assets.squarespace.com — Cisco Umbrella Rank: 5342 static1.squarespace.com — Cisco Umbrella Rank: 5009	903 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	699 KB
12	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4507 gum.criteo.com — Cisco Umbrella Rank: 370 mug.criteo.com — Cisco Umbrella Rank: 2985 sslwidget.criteo.com — Cisco Umbrella Rank: 1690 widget.us.criteo.com — Cisco Umbrella Rank: 19418 dis.criteo.com — Cisco Umbrella Rank: 685	19 KB
9	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 71 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 318 cm.g.doubleclick.net — Cisco Umbrella Rank: 191	3 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 jnn-pa.googleapis.com — Cisco Umbrella Rank: 260	45 KB
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 447 p.typekit.net — Cisco Umbrella Rank: 549	108 KB
7	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 377 ib.adnxs.com — Cisco Umbrella Rank: 217	7 KB
7	wexl.org www.wexl.org	35 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	51 KB
4	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 1033 sp.analytics.yahoo.com — Cisco Umbrella Rank: 810 ups.analytics.yahoo.com — Cisco Umbrella Rank: 281	1 KB
4	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 1244	334 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	40 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	232 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 506 i6.liadm.com — Cisco Umbrella Rank: 1611	1 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 620 cdn.stickyadstv.com — Cisco Umbrella Rank: 2235	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 619	852 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 274	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1886	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 333	738 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 293	627 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 131	85 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 106	65 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 216	6 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 738	418 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1354	40 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2020	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1016	428 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 563	262 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 572	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1249	99 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1756	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1927	336 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 486	783 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 568	676 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 313	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1353	427 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 770	476 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 1806	232 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 622	13 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 203	28 KB
1	squarespace-cdn.com images.squarespace-cdn.com — Cisco Umbrella Rank: 4073	7 KB
1	sendgrid.net 1 redirects u14608870.ct.sendgrid.net	232 B
164	44

	Domain	Requested by
24	www.gofundme.com	1 redirects www.wexl.org www.gofundme.com
18	www.youtube.com	assets.squarespace.com www.youtube.com www.wexl.org
12	assets.squarespace.com	www.wexl.org
10	www.gstatic.com	www.google.com www.gstatic.com www.youtube.com
8	jnn-pa.googleapis.com	www.youtube.com
7	use.typekit.net	www.wexl.org
7	www.wexl.org	assets.squarespace.com
6	www.google.com	assets.squarespace.com www.gstatic.com www.youtube.com www.google.com
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com www.google.com
5	static1.squarespace.com	www.wexl.org static1.squarespace.com
4	secure.adnxs.com	3 redirects
4	dis.criteo.com
4	gum.criteo.com	3 redirects static.criteo.net
4	api.amplitude.com	www.gofundme.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	www.wexl.org www.googletagmanager.com www.gofundme.com
3	ib.adnxs.com	3 redirects
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	idsync.rlcdn.com
2	connect.facebook.net	www.gofundme.com connect.facebook.net
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
1	d.turn.com	1 redirects
1	exchange.mediavine.com
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	contextual.media.net
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	sp.analytics.yahoo.com
1	ads.yahoo.com
1	partner.mediawallahscript.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com
1	static.criteo.net	dynamic.criteo.com
1	dynamic.criteo.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	p.typekit.net	www.wexl.org
1	cdnjs.cloudflare.com	www.wexl.org
1	images.squarespace-cdn.com	www.wexl.org
1	fonts.googleapis.com	www.wexl.org
1	u14608870.ct.sendgrid.net	1 redirects
164	61

This site contains links to these domains. Also see Links.

Domain
www.gofundme.com

Subject Issuer	Validity	Valid
www.wexl.org R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.squarespace.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-12` - `2023-03-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.squarespace-cdn.com R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gofundme.com Go Daddy Secure Certificate Authority - G2	`2021-09-12` - `2022-10-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-04` - `2022-05-05`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.mediawallahscript.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-21` - `2022-05-11`	2 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.wexl.org/tynomite
Frame ID: 13E0AC52AC71A76A1171E4C5A7CFD595
Requests: 46 HTTP requests in this frame

Frame: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1
Frame ID: B61501E269859B6FD1692B0B504FEB8B
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1
Frame ID: 9F44E9CF2FD8B05D380B4603F42D5CAD
Requests: 20 HTTP requests in this frame

Frame: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Frame ID: 3C35D61600547105F663443D259D385E
Requests: 33 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdS-kUaAAAAAFb999kSImoypXQ48pRzdtfjCoK3&co=aHR0cHM6Ly93d3cud2V4bC5vcmc6NDQz&hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&theme=dark&size=normal&cb=cpmjz5ned1ep
Frame ID: A62FCA4D72E75FC3E70055EEC641ED3F
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&k=6LdS-kUaAAAAAFb999kSImoypXQ48pRzdtfjCoK3
Frame ID: 8114E437470320E827AF6CB9C500916D
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.wexl.org&origin=onetag
Frame ID: 3BDC7923BDFCD91ECFC5C68D2E79C26C
Requests: 2 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=rkrs9UXd7X1i6VnIRqNG8sLG95snzVaK
Frame ID: 252F5EFF84F3EAA3BD4DB0E3900AAA1E
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TYNOMITE!! — WeXL | Creators For An Equitable World

Page URL History Show full URLs

https://u14608870.ct.sendgrid.net/ls/click?upn=BgVxgPTVr8k9UxUOWvlfqm8S2-2F6BH9yzWYUKj9Y4JjszYWFEr9p8ObGgLQ-2F... HTTP 302
https://www.wexl.org/tynomite Page URL

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

164
Requests

90 %
HTTPS

39 %
IPv6

44
Domains

61
Subdomains

55
IPs

7
Countries

4874 kB
Transfer

17366 kB
Size

53
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gofundme.com/sign-up?acceptTeamInviteFundUrl=help-bring-tynomite-to-life&alertKey=team_invitation&teamInvite=B8LoE15fNWkXj46J6bt9IUMSLnckGEcd2NMWJYvaQu5vHIaOkq4bhxcbPFvhaQYR&utm_campaign=p_lico%2Bteam-invite&utm_medium=magic_link&utm_source=customer
Title: Advocate

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u14608870.ct.sendgrid.net/ls/click?upn=BgVxgPTVr8k9UxUOWvlfqm8S2-2F6BH9yzWYUKj9Y4JjszYWFEr9p8ObGgLQ-2Fgy4GqnWL0_xAaQ0fENsHjFyXJF5AHJQnSY85rW-2F23s3md16ZMQ5B-2FvQr86fRhRVvx1rWGcaHmSHgiw9oWNaaeGIzHMcl-2Fvc1h40kHOtuNYBacEbeAclpo7megVWyTsSEIMc8nJyiBWu9s2uxREaXP4DGx2R-2FHY12R-2F3rwWv69412dR86ttzOTZztMRvI6Csj1BG4UBxaNq7s-2FrHW6Rfwfo9-2Fzk-2Be0jOYnQaJfFZvhk3ap6-2BHz7wEc9GBaV1NUeMFfJS7zEbKu7CL-2Fzf-2BIIfke-2FvZ2NK3hffiM9Ub5sGJjB1gbcMvdOz-2BmYHYxJu5lzHar00ApzQE-2FyN-2BLjUOJAGA4iQnH-2BcWeCMxN-2BqU9TqtjKwc6iSo-2B3K9k2C2cWYi6QJFdI5yfzODVGazS7jxwo-2BvD80NRQ8qzIps7-2FP7RcFSSKTbcRh-2BWmTMJOHzQ-2BmehvH5InfW1DQ0K6OXGf5-2BbZ3pIMHEq-2F57LmrMSOOpJ0gw4YtsI989gQvwiHUIX7hant2ljHiU4veW3K HTTP 302
https://www.wexl.org/tynomite Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium/ HTTP 301
https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium

Request Chain 61

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 63

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 133

https://gum.criteo.com/sid/json?origin=onetag&domain=www.gofundme.com&sn=ChromeSyncframe&so=0&topUrl=www.wexl.org&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=7TlrGnxPNVp1ZGxhZGUxZ0Z5Q1QrcndLQXZCV09uNDUwZXpDZ2NMcVpNYlFkZUFXNVBkaHNJVDZtaHpSTVNRdFZwSTg2ZkJ0U3B5eEVDWld3S2RSVC81VkxzbENpVWRoMkJkWGZOUzNCOGJkcEkxS2dBODEzbTRwN1dPNjc0ZDFDeTFxbjhsbjNvcEpEYnpiUU5ZYmpORjJPaGxMMGY3WGtEV29tSzFBckhIOHcwK2xTYVByZkJQRTVqcTkreWhsVm1NaUlDTGUwSjFxS0dFNzVpOCtOMzV3M3F2eG5abUtxUUk3WkwvaWpBVDB5L3NFdG41TW82MmhRcmFYcTVzZ1Q1RUc3UmI2amtEZjJWcnV6TmlXdy9GOVFkZm9jVjZ1VnU3R3h2M0VpTC9DdXpwST18&cppv=2

Request Chain 134

https://sslwidget.criteo.com/event?a=92896&v=5.9.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.wexl.org&p1=e%3Dvl%26p%3D%255B1%255D&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=wEH4aV9kdVNXZyUyQlp3S1JLalRtSm1rR2lJZWoyRnU3aiUyQjhSbm5BYVVnY2NTb0VoN1RGV2U5T0VLaUxtbUdJRFpwbjR5SUhOd01tQmJkTnYxRnpYZjdudFdTVkwwRks3M0dEUkdROFNvYWdQYUhUajNKdnFDamV2T1E0VDJteDFxTlJ0cFo1TkJHelZUZGpNbHF5YllZVmoxeldRJTNEJTNE&tld=www.gofundme.com&dy=1&fu=https%3A%2F%2Fwww.wexl.org&dtycbr=36472 HTTP 302
https://widget.us.criteo.com/event?a=92896&v=5.9.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.wexl.org&p1=e%3Dvl%26p%3D%255B1%255D&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=wEH4aV9kdVNXZyUyQlp3S1JLalRtSm1rR2lJZWoyRnU3aiUyQjhSbm5BYVVnY2NTb0VoN1RGV2U5T0VLaUxtbUdJRFpwbjR5SUhOd01tQmJkTnYxRnpYZjdudFdTVkwwRks3M0dEUkdROFNvYWdQYUhUajNKdnFDamV2T1E0VDJteDFxTlJ0cFo1TkJHelZUZGpNbHF5YllZVmoxeldRJTNEJTNE&tld=www.gofundme.com&dy=1&fu=https%3A%2F%2Fwww.wexl.org&dtycbr=36472

Request Chain 135

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=rkrs9UXd7X1i6VnIRqNG8sLG95snzVaK

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay0waERvNkUxU1pIQ3Y0SXhoNmZWMi1WckZIbGZJd00wNkNKaWphZw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&google_hm=ay0waERvNkUxU1pIQ3Y0SXhoNmZWMi1WckZIbGZJd00wNkNKaWphZw&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 141

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QzD_O01SZHCv4Ixh6fV2-VrFHlcuVGVheLWCQg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QzD_O01SZHCv4Ixh6fV2-VrFHlcuVGVheLWCQg&verify=true

Request Chain 145

https://secure.adnxs.com/setuid?entity=52&code=k-vkrBy01SZHCv4Ixh6fV2-VrFHlcZ9onqyDhJ4Q&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-vkrBy01SZHCv4Ixh6fV2-VrFHlcZ9onqyDhJ4Q%26seg%3D95287

Request Chain 146

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8409258397369466874

Request Chain 148

https://eb2.3lift.com/xuid?mid=2711&xuid=k-LhY1w01SZHCv4Ixh6fV2-VrFHlcBiZFFY1wTlg&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-LhY1w01SZHCv4Ixh6fV2-VrFHlcBiZFFY1wTlg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 150

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-n7uxaU1SZHCv4Ixh6fV2-VrFHlewXkesNPiwSg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-n7uxaU1SZHCv4Ixh6fV2-VrFHlewXkesNPiwSg&C=1

Request Chain 151

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-G39HKk1SZHCv4Ixh6fV2-VrFHle-JfY5SsBRMA&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-G39HKk1SZHCv4Ixh6fV2-VrFHle-JfY5SsBRMA&expires=30&user_group=5

Request Chain 157

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-8mXtv01SZHCv4Ixh6fV2-VrFHlczoCTPK5bR4A HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-8mXtv01SZHCv4Ixh6fV2-VrFHlczoCTPK5bR4A

Request Chain 158

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yYr7401SZHCv4Ixh6fV2-VrFHle8SVZwa9TgoQ HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yYr7401SZHCv4Ixh6fV2-VrFHle8SVZwa9TgoQ&_li_chk=true&previous_uuid=bf38c95e456c42b990c864a0bbc0b907 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yYr7401SZHCv4Ixh6fV2-VrFHle8SVZwa9TgoQ

Request Chain 161

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-Qpr4mk1SZHCv4Ixh6fV2-VrFHleueXVjEOF_-Q&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 163

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/1UpYJxEC7GjbCji3y8hyfAUJeHOJ4RVb/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4166246031684784998

Request Chain 164

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8409258397369466874

164 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tynomite Show response
www.wexl.org/
Redirect Chain

https://u14608870.ct.sendgrid.net/ls/click?upn=BgVxgPTVr8k9UxUOWvlfqm8S2-2F6BH9yzWYUKj9Y4JjszYWFEr9p8ObGgLQ-2Fgy4GqnWL0_xAaQ0fENsHjFyXJF5AHJQnSY85rW-2F23s3md16ZMQ5B-2FvQr86fRhRVvx1rWGcaHmSHgiw9oWNa...
https://www.wexl.org/tynomite

330 KB
35 KB

371ms
112ms

Document
text/html

198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wexl.org/tynomite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

856a731aae8bd0a2a66994734407c0adf8c49778fe7d38017e3aeb3c14d6f888

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7937
content-encoding: gzip
content-length: 35302
content-type: text/html;charset=utf-8
date: Wed, 27 Apr 2022 19:29:12 GMT
etag: W/"bba6d10aaca79109e6ff2640a73f6786--gzip"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: Xwz0x8Na/2TB8NVXM

Redirect headers

Connection: keep-alive
Content-Length: 52
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Apr 2022 21:41:29 GMT
Location: https://www.wexl.org/tynomite
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 wHuZerUJ8L_A45XmJExD4BJTe0H-jaXWh0mAEcjZAntfezS2fFHN4UJLFRbh52jhWDjUw2qawDSk5AIkwhJXwesRFhFyFQ63Zyn-MKG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0SaBujW48SagyjhmDjhy8Z... Show response
use.typekit.net/ik/ 18 KB
7 KB 82ms
18ms Script
text/javascript 2a02:26f0:3500:7::17d8:4dd1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/wHuZerUJ8L_A45XmJExD4BJTe0H-jaXWh0mAEcjZAntfezS2fFHN4UJLFRbh52jhWDjUw2qawDSk5AIkwhJXwesRFhFyFQ63Zyn-MKG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0SaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdP37O1i8pe30SaBujW48Sagyjh90jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8OeUzjhBC-eNDifUDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYi8pe30da41OYi8pe30SaBujW48Sagyjh90jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80Zko0ZWbCiaiaOcBDOcu8OYiaikoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYiaikoaZWyCOcNkZkUaiaS0ihmtdfoDSWmyScmDSeBRZPoRdhXK2YgkdayTdAIldcNhjPJZdcmuZPuGjABDOAikdas8ShClZe8DSeUypPG4f5J7IMMjMkMfH6GJCwbgIMMjgPMfH6qJK3IbMg6YJMJ7f6KUUMIbMg6VJMJ7fbKwMsMMegI6MKGHfwKXMyMgeM96MTMgh_OFqbj.js

Requested by

Host: www.wexl.org
URL: https://www.wexl.org/tynomite

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d6a336496e10def9cadfac527aaaeb74c84c5f16d15adfaf247d1f571c6203a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Wed, 27 Apr 2022 21:41:30 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6833

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
1 KB 39ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,700;1,300;1,700&family=Raleway:ital,wght@0,300;0,700;1,300;1,700

Requested by

Host: www.wexl.org
URL: https://www.wexl.org/tynomite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc4f04722298649f4225633e241779243eb23dafe5701fc118be40e5cc0322e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 21:41:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 21:41:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 21:41:30 GMT

GET
H2 200 modern.js Show response
assets.squarespace.com/@sqs/polyfiller/1.2.2/ 80 KB
29 KB 32ms
9ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/@sqs/polyfiller/1.2.2/modern.js
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6a801f781b109838b64c593ffbabaeb97e553d349540a9636cb63e23a8479423

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 14554698
x-cache: HIT, HIT
x-cache-hits: 1, 11127
content-encoding: gzip
content-length: 29224
x-served-by: cache-bwi5144-BWI, cache-hhn4079-HHN
last-modified: Wed, 08 Sep 2021 20:21:24 GMT
server: UploadServer
x-timer: S1651095690.155989,VS0,VE0
etag: "03e5ef7c77d113abf6178fce61ec6344"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 10:43:13 GMT

GET
H2 200 style-loader-runtime-3b32196fd63237cb77125-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 4 KB
2 KB 17ms
9ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/style-loader-runtime-3b32196fd63237cb77125-min.en-US.js
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7dc2181f67db2cb889c9500a17d0244e21c8cfaecf4eb00f0a3f60426638ea46

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 2347170
x-cache: HIT, HIT
x-cache-hits: 1, 9719
content-encoding: br
content-length: 1807
x-served-by: cache-iad-kiad7000160-IAD, cache-hhn4079-HHN
last-modified: Thu, 31 Mar 2022 17:08:21 GMT
server: UploadServer
x-timer: S1651095690.155984,VS0,VE0
etag: "96f84f1dd8f6c2db628000c299729db2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 17:41:59 GMT

GET
H2 200 extract-css-runtime-df0bcb3fb161c9761a2a8-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 183 B
317 B 9ms
8ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-df0bcb3fb161c9761a2a8-min.en-US.js
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 037709da281376828e43211b173f1f202861ff95fcfd8c32948bae02c66092e4

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 1935243
x-cache: HIT, HIT
x-cache-hits: 1, 9753
content-encoding: br
content-length: 131
x-served-by: cache-iad-kiad7000178-IAD, cache-hhn4079-HHN
last-modified: Fri, 25 Mar 2022 17:01:12 GMT
server: UploadServer
x-timer: S1651095690.201750,VS0,VE0
etag: "233fdb6f2944bccc7d89e7aa073f6d3a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 12:07:26 GMT

GET
H2 200 extract-css-moment-js-vendor-0c99b8bf7f3dd5358b2f5-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 562 KB
85 KB 9ms
7ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-0c99b8bf7f3dd5358b2f5-min.en-US.js
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a335034c7cafef2c77fcbf69ab399efbaa0fb72fa405b2d92c502c6b64d21edc

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 2347170
x-cache: HIT, HIT
x-cache-hits: 1, 9885
content-encoding: br
content-length: 86355
x-served-by: cache-iad-kcgs7200085-IAD, cache-hhn4079-HHN
last-modified: Thu, 31 Mar 2022 17:08:00 GMT
server: UploadServer
x-timer: S1651095690.201958,VS0,VE0
etag: "66b1de3aaf9e6685ccb40f11c2b9a9a6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 17:41:59 GMT

GET
H2 200 moment-js-vendor-ac5d1bbd5d874f86c9e4f-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 381 KB
63 KB 10ms
8ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/moment-js-vendor-ac5d1bbd5d874f86c9e4f-min.en-US.js
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f890ccc79170bbc968c2c2052553b8f7a6b300d10a7181d6c6993dc016fdbce0

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 2347169
x-cache: HIT, HIT
x-cache-hits: 1, 9707
content-encoding: br
content-length: 64783
x-served-by: cache-iad-kcgs7200106-IAD, cache-hhn4079-HHN
last-modified: Thu, 31 Mar 2022 17:07:26 GMT
server: UploadServer
x-timer: S1651095690.202214,VS0,VE0
etag: "15b4d2cb907c8a1b7ce550b524f54a8a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 17:41:59 GMT

GET
H2 200 cldr-resource-pack-51def4af8f210f9d1e4fa-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 119 KB
18 KB 9ms
8ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-51def4af8f210f9d1e4fa-min.en-US.js
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e140022b28f49866c83fc34eafbe550e1af89819eeb46b52d68ca1385402e3c6

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 2347170
x-cache: HIT, HIT
x-cache-hits: 1, 10951
content-encoding: br
content-length: 18359
x-served-by: cache-iad-kiad7000112-IAD, cache-hhn4079-HHN
last-modified: Thu, 31 Mar 2022 17:07:34 GMT
server: UploadServer
x-timer: S1651095690.202213,VS0,VE0
etag: "f684b28d00d4cf606710a7f08420df46"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 17:41:59 GMT

GET
H2 200 common-vendors-stable-21627972afe15f645442b-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 240 KB
69 KB 10ms
8ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-21627972afe15f645442b-min.en-US.js
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f7c4aafd2597166d7192b560f072a466fed9c54d72e6e1dc311a0c9c6b0c2e76

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 2347170
x-cache: HIT, HIT
x-cache-hits: 2, 9761
content-encoding: br
content-length: 70710
x-served-by: cache-iad-kiad7000080-IAD, cache-hhn4079-HHN
last-modified: Thu, 31 Mar 2022 17:07:03 GMT
server: UploadServer
x-timer: S1651095690.202185,VS0,VE0
etag: "78c57573056f37f4a39ff116794f5a9e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 17:41:59 GMT

GET
H2 200 common-vendors-a34c8c7e7b49cef1381a6-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 576 KB
141 KB 23ms
22ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-a34c8c7e7b49cef1381a6-min.en-US.js
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0eaab559607fdc210e8484c5bfa05b420e072b0eff79f39732cb051acf897021

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 453693
x-cache: HIT, HIT
x-cache-hits: 1, 8908
content-encoding: br
content-length: 143715
x-served-by: cache-iad-kiad7000075-IAD, cache-hhn4079-HHN
last-modified: Fri, 22 Apr 2022 14:37:35 GMT
server: UploadServer
x-timer: S1651095690.202656,VS0,VE0
etag: "116a06727fb9a3b6ca45a1d7f1b0ef54"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 15:39:55 GMT

GET
H2 200 common-fa03803b51ab0465f1277-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 776 KB
186 KB 18ms
16ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-fa03803b51ab0465f1277-min.en-US.js
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4509f2fd94e3cabe71c48ce9ea040083ef1a9c07fbf0e95ee1f8fd6072fca28b

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 192610
x-cache: HIT, HIT
x-cache-hits: 1, 8537
content-encoding: br
content-length: 189949
x-served-by: cache-iad-kjyo7100142-IAD, cache-hhn4079-HHN
last-modified: Mon, 25 Apr 2022 15:36:10 GMT
server: UploadServer
x-timer: S1651095690.202630,VS0,VE0
etag: "9c589a9e950e210668f1b33af91eeb15"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 16:11:21 GMT

GET
H2 200 user-account-core-cda824d8a0b6618964f2d-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 647 KB
157 KB 18ms
16ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/user-account-core-cda824d8a0b6618964f2d-min.en-US.js
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8e6674e74fddb72bfd2c6b00851c2172b7ca2b1d9392c29520f8a07fb8edf561

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 453693
x-cache: HIT, HIT
x-cache-hits: 1, 21
content-encoding: br
content-length: 160902
x-served-by: cache-iad-kcgs7200167-IAD, cache-hhn4079-HHN
last-modified: Fri, 22 Apr 2022 14:37:11 GMT
server: UploadServer
x-timer: S1651095690.202610,VS0,VE0
etag: "65fe04ccd9dc687fcb4eeaf122114288"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 15:39:57 GMT

GET
H2 200 user-account-core-d41d8cd98f00b204e9800998ecf8427e-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 0
354 B 28ms
6ms Stylesheet
text/css 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/user-account-core-d41d8cd98f00b204e9800998ecf8427e-min.en-US.css
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 1940350
x-cache: HIT, HIT
x-cache-hits: 1, 10981
content-encoding: br
content-length: 1
x-served-by: cache-iad-kiad7000159-IAD, cache-hhn4020-HHN
last-modified: Wed, 23 Mar 2022 17:13:46 GMT
server: UploadServer
x-timer: S1651095690.063426,VS0,VE0
etag: "9eecb7db59d16c80417c72d1e1f4fbf1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 10:42:20 GMT

GET
H2 200 performance-496e3739d1c4053c9ea16-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 25 KB
8 KB 17ms
16ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-496e3739d1c4053c9ea16-min.en-US.js
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9ae4ad9770e5aa4a4e8063188195c8bc42300dab8f133f05211d7036c43b236d

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 1839205
x-cache: HIT, HIT
x-cache-hits: 1, 8897
content-encoding: br
content-length: 8078
x-served-by: cache-iad-kjyo7100040-IAD, cache-hhn4079-HHN
last-modified: Wed, 06 Apr 2022 14:13:00 GMT
server: UploadServer
x-timer: S1651095690.202597,VS0,VE0
etag: "14a81c0d58009dc774c2fc57f7ebc5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 14:48:05 GMT

GET
H2 200 site.css
static1.squarespace.com/static/versioned-site-css/610973729a23b40dc7ca580f/103/5c5a519771c10ba3470d8101/610973729a23b40dc7ca5829/1219/ 903 KB
93 KB 48ms
11ms Stylesheet
text/css 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/versioned-site-css/610973729a23b40dc7ca580f/103/5c5a519771c10ba3470d8101/610973729a23b40dc7ca5829/1219/site.css

Requested by

Host: www.wexl.org
URL: https://www.wexl.org/tynomite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

383fc3268ee0a63637a8393624dd12518467d16ce116617e5f9e2653231907ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13269
x-cache: HIT, HIT
x-contextid: DSgeVmQT/wxbgzSMF
x-cache-hits: 1, 1
content-length: 94369
x-served-by: cache-dfw18681-DFW, cache-hhn4052-HHN
pragma: cache
server: Squarespace
x-timer: S1651095690.104412,VS0,VE1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 81 KB
32 KB 44ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=$GA_TRACKING_ID$

Requested by

Host: www.wexl.org
URL: https://www.wexl.org/tynomite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5381b5cd455b34611acb94001f1827144407153d61c6ff599b6761ed3a1391b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32650
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 21:06:21 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Apr 2022 21:41:30 GMT

GET
H2 200 WeXL_LOGO_PURPLE.png
images.squarespace-cdn.com/content/v1/610973729a23b40dc7ca580f/bc3ac0e8-ea35-40f4-bfdc-9fe52cc86cf7/ 7 KB
7 KB 37ms
8ms Image
image/png 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/610973729a23b40dc7ca580f/bc3ac0e8-ea35-40f4-bfdc-9fe52cc86cf7/WeXL_LOGO_PURPLE.png?format=1500w
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5b34de5b1aca999ad6a9157f5bc7964ce6545dac2e8ff0f8e9dc174d98d74901

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 504549
x-cache: HIT, HIT
content-length: 6806
x-served-by: cache-iad-kcgs7200175-IAD, cache-hhn4026-HHN
x-timer: S1651095690.229603,VS0,VE1
tracepoint: Fastly
etag: CLbRhoLYpPICEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 l
use.typekit.net/af/23e139/00000000000000007735e605/30/ 16 KB
17 KB 55ms
14ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dd1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/23e139/00000000000000007735e605/30/l?subset_id=2&fvd=n5&v=3
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 58dc2f9ecbfa85accf8b5b67e283ba5b32fafc4769e6244a271ebb80d8a2efcf

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
server: nginx
etag: "e14b3e1c538ef57e7a1dbd33c45600ad6ff14122"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16720

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,700;1,300;1,700&family=Raleway:ital,wght@0,300;0,700;1,300;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 82560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:45:30 GMT

GET
H2 200 embed.js Show response
www.gofundme.com/static/js/ 704 B
1 KB 33ms
7ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/static/js/embed.js
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c47c1d105ddb366167adbe690d8df532256209722ec16e3fc098b37e8dacea0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:36:54 GMT
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 15 Jan 2023 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Fri, 14 Jan 2022 00:36:16 GMT
server: AmazonS3
age: 8489077
etag: "fdd5bd638a91736670e6cf7c115e4069"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31557600,public
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 704
x-amz-cf-id: PUn4m_YU2sS7KaRURrR1Sn7_zCKEHwh5echrWGNLRB2exZxjMhIgUg==

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 46 KB
46 KB 14ms
12ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,700;1,300;1,700&family=Raleway:ital,wght@0,300;0,700;1,300;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 18:48:55 GMT
x-content-type-options: nosniff
age: 96755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 18:48:55 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v28/ 47 KB
47 KB 18ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,700;1,300;1,700&family=Raleway:ital,wght@0,300;0,700;1,300;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:46:00 GMT
x-content-type-options: nosniff
age: 82530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:01:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:46:00 GMT

GET
H2 200 site-bundle.7dc978a6b4650d099c502385bd881929.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 168 KB
43 KB 8ms
8ms Script
application/javascript 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.7dc978a6b4650d099c502385bd881929.js

Requested by

Host: www.wexl.org
URL: https://www.wexl.org/tynomite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

4f00c6240c80fe1c5b9e2381fcbb44eae5b4ff774ef66ba5a4d22f15beb9ff6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97127
x-cache: HIT, HIT
x-contextid: kWhaFAkn/Tj8X2eEq
x-cache-hits: 2, 6246
content-length: 44186
x-served-by: cache-dfw18641-DFW, cache-hhn4052-HHN
pragma: cache
server: Squarespace
x-timer: S1651095690.262482,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
28 KB 51ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: www.wexl.org
URL: https://www.wexl.org/tynomite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1976267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27964
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15d95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Wn3TbgkCvj7Zi5HtMZPjigeEtxqTNABgAMUGeYx8UZLxkBGdOzL29vqkGqYREiwc4dOotk32yg5zi6ccq%2BLVh%2BwkpPImkMLJtr8xncgT9IfWfJW0beWoWA6LT3xNbMmixN5z2apBrTA%2Fst9QObckF37"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 702ab9005d2c23f7-ZRH
expires: Mon, 17 Apr 2023 21:41:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-97548702-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=$GA_TRACKING_ID$

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6efbf5fe6222b467c11d301ab3d0c4e9f5137a15a2023af3fe15ed653e3393b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38834
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 21:06:21 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Apr 2022 21:41:30 GMT

GET
H2 200 settings Show response
www.wexl.org/api/1/performance/ 53 B
153 B 109ms
109ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wexl.org/api/1/performance/settings
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-496e3739d1c4053c9ea16-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: b482daa082c32764d27b36957e88628b5888ed11d715321d26faf9b25887cb5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/tynomite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
x-contextid: Xwz0x8Na/rU4YCuRs
server: Squarespace
content-length: 53
vary: Accept-Encoding, User-Agent
content-type: application/json

GET
H2 200 floating-cart.bda27ce8b89f60a4f31e.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 496 B
438 B 7ms
6ms Script
application/javascript 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.bda27ce8b89f60a4f31e.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.7dc978a6b4650d099c502385bd881929.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

1ba4db8a8b47e7401e2ce265e599728073542f70940cb889c6315f3c4e23da0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 706778
x-cache: HIT, HIT
x-contextid: XHEjbSPP/g9Tkr7GQ
x-cache-hits: 21291, 6958
content-length: 310
x-served-by: cache-dfw18661-DFW, cache-hhn4052-HHN
pragma: cache
server: Squarespace
x-timer: S1651095690.485018,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 user-account-link.438abf4f372b853364c9.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 1022 B
634 B 7ms
7ms Script
application/javascript 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/user-account-link.438abf4f372b853364c9.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.7dc978a6b4650d099c502385bd881929.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

5355ec44c12fffe344c1e02fea96602eaae185e37a7266eb42471798ba380ca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134511
x-cache: HIT, HIT
x-contextid: j2ff6GQR/IEwO8G3d
x-cache-hits: 5, 56
content-length: 511
x-served-by: cache-dfw18654-DFW, cache-hhn4052-HHN
pragma: cache
server: Squarespace
x-timer: S1651095690.485091,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 background-empty.3a95b68941c3c40fd893.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 24 KB
7 KB 7ms
7ms Script
application/javascript 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/background-empty.3a95b68941c3c40fd893.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.7dc978a6b4650d099c502385bd881929.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

50082afeead0afa4573015bc3dcf08a35f3ecdbe660ffba92f905c00e03665bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 706776
x-cache: HIT, HIT
x-contextid: pARxdObx/5wbfv8Ge
x-cache-hits: 17, 10
content-length: 6753
x-served-by: cache-dfw18670-DFW, cache-hhn4052-HHN
pragma: cache
server: Squarespace
x-timer: S1651095690.485599,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 l
use.typekit.net/af/1be3c2/00000000000000007735e606/30/ 16 KB
16 KB 14ms
14ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dd1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?subset_id=2&fvd=n3&v=3
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f1096de525ecd4549a0dea1507686fd365db607cddc697686b0f7ce81a9bdbab

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
server: nginx
etag: "a17c0961becf60ba50f5bf6f83483b71ca33505e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16488

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 16 KB
17 KB 16ms
16ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dd1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?subset_id=2&fvd=n7&v=3
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
server: nginx
etag: "d6bfc4d27afeb61a1128d9c149ee5ed369aa27c3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16832

GET
H2 200 l
use.typekit.net/af/79862c/00000000000000007735e60e/30/ 17 KB
17 KB 18ms
18ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dd1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/79862c/00000000000000007735e60e/30/l?subset_id=2&fvd=i5&v=3
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b4e1e58a7a609cf1313dc14ec228403aed7a9d2460b6336a4287b8de1c341950

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
server: nginx
etag: "f9e1fb43c1d2d27fcf0bfbab9373fa000fe761ca"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17284

GET
H2 200 l
use.typekit.net/af/4de20a/00000000000000007735e604/30/ 17 KB
17 KB 20ms
20ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dd1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4de20a/00000000000000007735e604/30/l?subset_id=2&fvd=i7&v=3
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5aa4d710eb97e7dc65d20f8a3b814646481b69ad60a513bfd95fa8bdcdc71eb6

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
server: nginx
etag: "a7173d64afba2671b7fdf3dc01ded3412e73bdc3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17284

GET
H2 200 l
use.typekit.net/af/1ba16c/00000000000000007735bb5a/30/ 17 KB
17 KB 34ms
33ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dd1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1ba16c/00000000000000007735bb5a/30/l?subset_id=2&fvd=n5&v=3
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dd1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4e48248515dcf2b585e2895fe1b9aef6b9b7c8a09f51be44f3c06b6a1fb2b3ae

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
server: nginx
etag: "ff11c01fc0198964d9fef297e4e347ff35c42879"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17356

GET
H2 200 R6cCMpPpq38 Show response
www.youtube.com/embed/ Frame B615 62 KB
27 KB 68ms
47ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-21627972afe15f645442b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a66a4d6c7ece15afe1f5bc4026501afbf05c20964f505ff84b56760fce0f3270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wexl.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 27 Apr 2022 21:41:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 DfnCTkYYCKI Show response
www.youtube.com/embed/ Frame 9F44 61 KB
26 KB 71ms
53ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-21627972afe15f645442b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34ef86b5824cdbbe252414bf72133d11f08163adb910e43fcde0c0bd41989e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wexl.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 27 Apr 2022 21:41:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 921 B
996 B 40ms
16ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__grecaptchaOnLoadCallback&render=explicit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-fa03803b51ab0465f1277-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

db61fbfb9e15c7371cc7d82daef4b57243a17129a7797f3af5d057d010c95b88

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Wed, 27 Apr 2022 21:41:30 GMT

POST
H2 200 RecordHit Show response
www.wexl.org/api/census/ 17 B
111 B 121ms
121ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wexl.org/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-a34c8c7e7b49cef1381a6-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wexl.org/tynomite
X-CSRF-Token: BUxdK1ptKSkgMTc1OTE1Y2U1MmUyMDY4MWEzYzg2MzMxNDZjOGFk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=0
content-type: application/json;charset=utf-8
x-contextid: Xwz0x8Na/k9tPPbaq
content-length: 17

POST
H2 200 form-render Show response
www.wexl.org/api/census/ 17 B
59 B 136ms
136ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wexl.org/api/census/form-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-a34c8c7e7b49cef1381a6-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wexl.org/tynomite
X-CSRF-Token: BUxdK1ptKSkgMTc1OTE1Y2U1MmUyMDY4MWEzYzg2MzMxNDZjOGFk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=0
content-type: application/json;charset=utf-8
x-contextid: Xwz0x8Na/JihYXkoz
content-length: 17

POST
H2 200 button-render Show response
www.wexl.org/api/census/ 17 B
60 B 132ms
132ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wexl.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-a34c8c7e7b49cef1381a6-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wexl.org/tynomite
X-CSRF-Token: BUxdK1ptKSkgMTc1OTE1Y2U1MmUyMDY4MWEzYzg2MzMxNDZjOGFk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=0
content-type: application/json;charset=utf-8
x-contextid: Xwz0x8Na/qnpxrV6i
content-length: 17

POST
H2 200 button-render Show response
www.wexl.org/api/census/ 17 B
59 B 132ms
132ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wexl.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-a34c8c7e7b49cef1381a6-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wexl.org/tynomite
X-CSRF-Token: BUxdK1ptKSkgMTc1OTE1Y2U1MmUyMDY4MWEzYzg2MzMxNDZjOGFk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=0
content-type: application/json;charset=utf-8
x-contextid: Xwz0x8Na/RI3odLEC
content-length: 17

POST
H2 200 button-render Show response
www.wexl.org/api/census/ 17 B
59 B 140ms
140ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wexl.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-a34c8c7e7b49cef1381a6-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wexl.org/tynomite
X-CSRF-Token: BUxdK1ptKSkgMTc1OTE1Y2U1MmUyMDY4MWEzYzg2MzMxNDZjOGFk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=0
content-type: application/json;charset=utf-8
x-contextid: Xwz0x8Na/oEbF25Fl
content-length: 17

GET
H2

200

medium Show response
www.gofundme.com/f/help-bring-tynomite-to-life/widget/ Frame 3C35
Redirect Chain

https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium/
https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium

346 KB
52 KB

222ms
222ms

Document
text/html

13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/static/js/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx / Next.js
Resource Hash: 42bf8a88695144bb005734574e54b19b301270067daea818c559a40532bdaca4

Request headers

Referer: https://www.wexl.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 27 Apr 2022 21:41:30 GMT
etag: "567bd-rvCHSHAqBhwKp55j0KF6rEHuCaQ"
server: nginx
vary: Accept-Encoding
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
x-amz-cf-id: O3ZVYGref8gDfpzo6C1y-wNKYGBKWydxfvvZ2uK_xxAj1lqXS27luA==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-powered-by: Next.js

Redirect headers

age: 5
content-length: 162
content-type: text/html
date: Wed, 27 Apr 2022 21:41:25 GMT
location: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
server: nginx
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
x-amz-cf-id: _oBy5xwyJNz619TIVH2zd-adg64KP0xkRmJN1SEk5O1ev044AdDo6A==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 72ms
18ms Image
image/gif 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=2&k=646866_610973729a23b40dc7ca580f&ht=tk&h=www.wexl.org&f=5474.25136.139.25137.140.39496&a=646866&js=1.21.0&app=typekit&e=js&_=1651095690589
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:30 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97548702-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wexl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5059
date: Wed, 27 Apr 2022 20:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 27 Apr 2022 22:17:11 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ 364 KB
145 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__grecaptchaOnLoadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4d47dd6793fe24c23ab3c34f630ce5d0f42ef12a9e19eabd2fba286296647e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wexl.org/
Origin: https://www.wexl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147479
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 21:24:01 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/534c466c/ Frame B615 346 KB
46 KB 31ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af6f2c85ecc99d72bcc3598161f057c701338bfe66584d9d588dfe3ea6fafd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47506
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Apr 2023 19:35:50 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/534c466c/www-embed-player.vflset/ Frame B615 278 KB
86 KB 27ms
12ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095e9c8ccd5f0d3e01056097d0dba6ed3860ede26cda210079d9321b287ea18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 543179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87611
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:48:31 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/ Frame B615 2 MB
524 KB 46ms
31ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78957815b251475c6757b01b8d2b1172210ce4c041365d4f31efd41ba628b1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:50:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 543041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 536510
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:50:49 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/534c466c/fetch-polyfill.vflset/ Frame B615 9 KB
3 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 20:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Apr 2023 20:18:06 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/534c466c/ Frame 9F44 346 KB
46 KB 31ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af6f2c85ecc99d72bcc3598161f057c701338bfe66584d9d588dfe3ea6fafd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47506
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Apr 2023 19:35:50 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/534c466c/www-embed-player.vflset/ Frame 9F44 278 KB
86 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095e9c8ccd5f0d3e01056097d0dba6ed3860ede26cda210079d9321b287ea18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 543179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87611
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:48:31 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/ Frame 9F44 2 MB
524 KB 46ms
33ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78957815b251475c6757b01b8d2b1172210ce4c041365d4f31efd41ba628b1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:50:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 543041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 536510
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:50:49 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/534c466c/fetch-polyfill.vflset/ Frame 9F44 9 KB
3 KB 43ms
30ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 20:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Apr 2023 20:18:06 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B615 15 KB
15 KB 27ms
10ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 123805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 11:18:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9F44 15 KB
15 KB 28ms
11ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 123805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 11:18:05 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 40ms
20ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1721895696&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wexl.org%2Ftynomite&ul=en-us&de=UTF-8&dt=TYNOMITE!!%20%E2%80%94%20WeXL%20%7C%20Creators%20For%20An%20Equitable%20World&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1911781430&gjid=1070502737&cid=1711767771.1651095691&tid=UA-97548702-1&_gid=134626401.1651095691&_r=1&gtm=2ou4p0&did=dZjQwMz&gdid=dZjQwMz&z=494203194

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wexl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wexl.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A62F 42 KB
22 KB 53ms
29ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdS-kUaAAAAAFb999kSImoypXQ48pRzdtfjCoK3&co=aHR0cHM6Ly93d3cud2V4bC5vcmc6NDQz&hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&theme=dark&size=normal&cb=cpmjz5ned1ep

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

458f300e4b29ae98dcd3ce514add1240c99e42f16a3bdaaf794fd1c83caab5c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L30pYqv9DhfLM2bfIHP9+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wexl.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22564
content-security-policy: script-src 'report-sample' 'nonce-L30pYqv9DhfLM2bfIHP9+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 21:41:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97548702-1&cid=1711767771.1651095691&jid=1911781430&gjid=1070502737&_gid=134626401.1651095691&_u=YEBAAUAAAAAAAC~&z=602523867

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wexl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Apr 2022 21:41:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.wexl.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame A62F 51 KB
24 KB 27ms
9ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdS-kUaAAAAAFb999kSImoypXQ48pRzdtfjCoK3&co=aHR0cHM6Ly93d3cud2V4bC5vcmc6NDQz&hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&theme=dark&size=normal&cb=cpmjz5ned1ep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 14:29:13 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame A62F 364 KB
144 KB 30ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4d47dd6793fe24c23ab3c34f630ce5d0f42ef12a9e19eabd2fba286296647e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147479
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 21:24:01 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame B615
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

40ms
25ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d7c5e4b4672867b08e5402ff4cf79df0e35ab34b859db1a182b952b7bca9984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 27 Apr 2022 21:41:30 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B615 29 B
588 B 61ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:38:11 GMT
x-content-type-options: nosniff
age: 199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Apr 2022 21:53:11 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9F44
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

41ms
26ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb53f807e4c0dcad0404b2860de50e050584e6511b1541acc7b730c810d7181e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 27 Apr 2022 21:41:30 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9F44 29 B
89 B 51ms
8ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:38:11 GMT
x-content-type-options: nosniff
age: 199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Apr 2022 21:53:11 GMT

GET
H2 200 CircularXXWeb-Bold.woff2
www.gofundme.com/fonts/ Frame 3C35 72 KB
73 KB 10ms
8ms Font
font/woff2 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/fonts/CircularXXWeb-Bold.woff2
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7387021408574afb13687c47d583f43c70cf9511d5dfd772be64f8ec975895a8

Request headers

Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Origin: https://www.gofundme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 27 Apr 2022 02:13:21 GMT
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 21:37:34 GMT
server: AmazonS3
age: 70206
etag: "0796c564b3ca9bbf97c065949d757d6c"
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: public, immutable, max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 74059
x-amz-cf-id: EOAltx3Luholzjhl6tY4VvvT8z3wBFsHLU4g2YFVUHa7mEeLV5T1Cw==

GET
H2 200 CircularXXWeb-Regular.woff2
www.gofundme.com/fonts/ Frame 3C35 69 KB
69 KB 15ms
14ms Font
font/woff2 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/fonts/CircularXXWeb-Regular.woff2
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52ae61c0720ae779b166ba75eb15923913725a390383be86868c33bfc191c1fe

Request headers

Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Origin: https://www.gofundme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 27 Apr 2022 03:26:29 GMT
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 21:37:13 GMT
server: AmazonS3
age: 65771
etag: "c65bc20b5c2102386f484979b51049a6"
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: public, immutable, max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 70287
x-amz-cf-id: 6fykUEFkTa0kYRfqv4CQFmmMS0APsec5-kQgw5QiXCiUjt1ObkZNiw==

GET
H2 200 11925de3ad2f527f86ce.css
www.gofundme.com/_next/static/css/ Frame 3C35 87 KB
13 KB 24ms
23ms Stylesheet
text/css 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/css/11925de3ad2f527f86ce.css
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 58d31cb9d33d4f43469b4c31183578a121cb2ba92dfaaad1d998dfca812088c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:39:04 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 19:07:47 GMT
server: nginx
age: 525746
etag: W/"15bd8-1804d85fb3b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: agXuhatColvRAKUJ2uz851YqiCxl2hgD6mzOaihTQ2T2AxDVHbkblw==

GET
H2 200 b44190670dc7e23452dd.css
www.gofundme.com/_next/static/css/ Frame 3C35 74 KB
10 KB 25ms
24ms Stylesheet
text/css 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/css/b44190670dc7e23452dd.css
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ca46689794100df4f1f46450f1b5393b42b0201c0a6102fa370d4521751e49f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:38:59 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 19:07:47 GMT
server: nginx
age: 525751
etag: W/"126a9-1804d85fb87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: 0ailuU3ARDGHwNO-8QoE8_bwCp0J-1gz46c-ueLKgYJDdr6tTXTyrw==

GET
H2 200 4fe69accd669ac9bb4e9.css
www.gofundme.com/_next/static/css/ Frame 3C35 2 KB
1021 B 25ms
25ms Stylesheet
text/css 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/css/4fe69accd669ac9bb4e9.css
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 6878494911fcfdccde922348605c3cc9289d26c8321f421ba9cdad47defae25c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 19:23:46 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 18:52:27 GMT
server: nginx
age: 1131464
etag: W/"87b-180296b6bbf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: UrIu_Yx3rHEV6jq4G-U-gcXnVByjFf81xdNgGdWEGTf5daIEI3uH1w==

GET
H2 200 webpack-90da041ca9df29fe7499.js Show response
www.gofundme.com/_next/static/chunks/ Frame 3C35 6 KB
3 KB 11ms
9ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/webpack-90da041ca9df29fe7499.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3b8f19eb63a03fc43418c949401ee749fc9c4cecdda34a6338131ba214255011

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:39:01 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 19:07:47 GMT
server: nginx
age: 525750
etag: W/"1896-1804d85fb7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: M_1rBW6BavT617OqgEkkxN18CtUXnzAqsq1QUt9gYJHibE7gzTKEyw==

GET
H2 200 framework-2de379ab414b4274b7ff.js Show response
www.gofundme.com/_next/static/chunks/ Frame 3C35 146 KB
45 KB 12ms
9ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/framework-2de379ab414b4274b7ff.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8b1bdb8dcef31726354a858b4da347b5c090e01151455ab3cbb9863626608880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 19:23:48 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 18:52:27 GMT
server: nginx
age: 1131463
etag: W/"248be-180296b6c2f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: S_xFjzt0DCTqXbP3WMmXeOdqJHi3SeMBs7RVyC0kVmwRpIIfqxh4wA==

GET
H2 200 main-35ba8e1be6635ec7b921.js Show response
www.gofundme.com/_next/static/chunks/ Frame 3C35 81 KB
25 KB 11ms
9ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/main-35ba8e1be6635ec7b921.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8fe7f93aae648e4fb320b90822ab283c97698db81478185f2368745ecf0f86fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 19:23:40 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 18:52:27 GMT
server: nginx
age: 1131471
etag: W/"1426d-180296b6bbf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: xntlmCXb1O4_k60v1LjK3oXrftKk4DjGUc5d5snpBgjD_G2TB5wiwA==

GET
H2 200 _app-439492015c33b74c470c.js Show response
www.gofundme.com/_next/static/chunks/pages/ Frame 3C35 2 MB
412 KB 12ms
10ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/pages/_app-439492015c33b74c470c.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 69685585b65f0bd255a1aeb48364a80773e33bcd185d56555320f33bdc8b5957

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:28:16 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 22:10:58 GMT
server: nginx
age: 429195
etag: W/"19b4f9-18053540a7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: D4ivpeDqhizQMrg1xPgYH1XQO1wi8nq7lY_1VfnHWDcMFwahB8XrDQ==

GET
H2 200 8773-e2fe7acb5e1ab0e2dd0b.js Show response
www.gofundme.com/_next/static/chunks/ Frame 3C35 380 KB
87 KB 28ms
26ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/8773-e2fe7acb5e1ab0e2dd0b.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0444d9ed5cf970b79756975b451452d4d5f25e98023722385b19596739d81a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:39:00 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 19:07:47 GMT
server: nginx
age: 525751
etag: W/"5eebe-1804d85fb87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: mTVYfylyiM3SBDZ_3hGKDT6ejBFO3mmmU82_CgAbLCa6pwuq85CH3A==

GET
H2 200 8916-19060749e9bd8193695c.js Show response
www.gofundme.com/_next/static/chunks/ Frame 3C35 497 KB
120 KB 31ms
29ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/8916-19060749e9bd8193695c.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9e65860ead088b288f450d2585f9a756c45e9e59895f0657a16e58a681065e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:39:02 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 19:07:47 GMT
server: nginx
age: 525749
etag: W/"7c57e-1804d85fb87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: ouijuSawME1bRKhTML-pBWfbI9D-3OvKeP-0D2RoHXG1YqMurSSpfA==

GET
H2 200 6733-b03fe640121e0ccc07ad.js Show response
www.gofundme.com/_next/static/chunks/ Frame 3C35 10 KB
4 KB 29ms
27ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/6733-b03fe640121e0ccc07ad.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 829fcc8d760190e6103b4787463b47f9bcaca6c0d1d2803fd6182b570aa9ceba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:39:04 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 19:07:47 GMT
server: nginx
age: 525747
etag: W/"27b1-1804d85fb87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: TkDGfcFPWLftqWX5QCywwJb7Qfq_hFH3hVrmTlxpQLH9zlQKBhi9uA==

GET
H2 200 9346-eb06f08e4d66cf8bd372.js Show response
www.gofundme.com/_next/static/chunks/ Frame 3C35 25 KB
8 KB 29ms
28ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/9346-eb06f08e4d66cf8bd372.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: cc96b1aa8a2e8765ef4617ab3f7fe74f6446cd5d0ea1bf4e7d301ed08b85b8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 19:23:39 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 18:52:27 GMT
server: nginx
age: 1131472
etag: W/"62d1-180296b6c37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: n1VxKvl4YwNTPd3oxIqoSYHmdWA_pa8j1sKcXaNPpJudrFNbXa1Nag==

GET
H2 200 1389-b11ca074d863adeb1e54.js Show response
www.gofundme.com/_next/static/chunks/ Frame 3C35 20 KB
7 KB 30ms
28ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/1389-b11ca074d863adeb1e54.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c3d1ab3a386ac9a294b10e90ef7b9da329b83f1f36b42328b03a8642baf214df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 19:23:49 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 18:52:27 GMT
server: nginx
age: 1131462
etag: W/"502a-180296b6c37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: -WDY_9q_fmSuCXZrVwGAOXQzn6csW86CMOeeaaBzcHEYZ8orxRXgTA==

GET
H2 200 5396-8355311a6b0f1e27f9ef.js Show response
www.gofundme.com/_next/static/chunks/ Frame 3C35 25 KB
9 KB 30ms
29ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/5396-8355311a6b0f1e27f9ef.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c152d0d0df0378fc80f8d44b07b2de0aa5e27503721c869e204beb4d3ed1b8ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:39:06 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 19:07:47 GMT
server: nginx
age: 525745
etag: W/"62b1-1804d85fb97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: yWEZxsOuS05dYHRiEXUHZIfh0r0VDJoQ0QUD7hL3Fq-HwudNH1C2bw==

GET
H2 200 731-a20a84d14d26ae788b51.js Show response
www.gofundme.com/_next/static/chunks/ Frame 3C35 182 KB
50 KB 33ms
32ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/731-a20a84d14d26ae788b51.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ac9f3d55b660a506581c2791a3a5cd121e17d69b9b10ef099f16c9c1f5901882

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:39:12 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 19:07:47 GMT
server: nginx
age: 525739
etag: W/"2d989-1804d85fb97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: 9Sc_QAHcOd9sUrYWqWIKSnimTBLkwLUCWJ0TGnJIOianzlLnkSeoXw==

GET
H2 200 764-3052dc407759987864bb.js Show response
www.gofundme.com/_next/static/chunks/ Frame 3C35 258 KB
64 KB 34ms
33ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/764-3052dc407759987864bb.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f22fbdebcfd128fa25b16905492582646b3c4ae90d3a70f8f6d7163578ef3181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:39:01 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 19:07:47 GMT
server: nginx
age: 525750
etag: W/"406fa-1804d85fb9f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: weyXzqoIEr75K-wctCFyf7EcEsZeOJBQ9R0G3YQ-DRTJAePU7_EKtQ==

GET
H2 200 %5Btype%5D-ba28595d37bbecbd0432.js Show response
www.gofundme.com/_next/static/chunks/pages/f/%5BcampaignUrl%5D/widget/ Frame 3C35 2 KB
1 KB 36ms
35ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/chunks/pages/f/%5BcampaignUrl%5D/widget/%5Btype%5D-ba28595d37bbecbd0432.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b74454deefbb15de437127fed9832cd0c97266e8049de653ef665a9ffb6895d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:39:00 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 19:07:47 GMT
server: nginx
age: 525751
etag: W/"672-1804d85fb5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: NbTOpGxT6Yyu96qKLKnHeXFKax6g6Gdhstshi6uXFCPYyvXDY1YQKA==

GET
H2 200 _buildManifest.js Show response
www.gofundme.com/_next/static/RnIeO7CmWVkVWf46jOq_r/ Frame 3C35 8 KB
2 KB 36ms
35ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/RnIeO7CmWVkVWf46jOq_r/_buildManifest.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c9cd6f4424f3f5f4a1486c19694f5f4621aff488f1c329ceef66fa33049b3ee8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:28:25 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 22:10:58 GMT
server: nginx
age: 429186
etag: W/"1e9e-18053540a6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: DFJBr1M6g2_RrArGMGUsALrWjwSgwbDQnxEVHtz2H_OYqy4KVTQIDQ==

GET
H2 200 _ssgManifest.js Show response
www.gofundme.com/_next/static/RnIeO7CmWVkVWf46jOq_r/ Frame 3C35 77 B
457 B 36ms
35ms Script
application/javascript 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/RnIeO7CmWVkVWf46jOq_r/_ssgManifest.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:28:16 GMT
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
last-modified: Fri, 22 Apr 2022 22:10:58 GMT
server: nginx
age: 429195
etag: W/"4d-18053540a6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 77
x-amz-cf-id: uyRoIKeHSYxYEQhvWmVZj8cuk0GVWNF4ZbctKg3P5UW3xYw8yNly9A==

GET
DATA 200
OK truncated
/ Frame A62F 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A62F 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A62F 2 KB
2 KB 11ms
11ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 525681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 28 Apr 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A62F 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 123805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 11:18:05 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 52ms
15ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 27 Apr 2022 21:41:31 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B615 44 KB
22 KB 38ms
24ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48db5f5c8a83c915630be7954426e31fde7a0f9dce1435097b5327ada7faa2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22130
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/ Frame B615 118 KB
37 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc2727f6c5fed6de34d38219bc52410773f36d6070471d02ac291ae154160e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:53:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 542862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37660
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:53:48 GMT

GET
H3 200 mz7NBNV2Cg_tP0eo8e_kKg8I5SIuzjUX-Ml401fNPCc.js Show response
www.google.com/js/th/ Frame B615 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/mz7NBNV2Cg_tP0eo8e_kKg8I5SIuzjUX-Ml401fNPCc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b3ecd04d5760a0fed3f47a8f1efe42a0f08e5222ece3517f8c978d357cd3c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 05:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13664
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 05:07:53 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/ Frame B615 27 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0908f26f913f08109b7ed2df2ddf41da3ebc379fa679950761d214f2ca35b298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 543041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8163
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:50:50 GMT

GET
DATA 200
OK truncated
/ Frame B615 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRzAj-FcDzBpw6AMeBsPNQspFVUgriCNY8SuZPDMA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B615 3 KB
3 KB 57ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRzAj-FcDzBpw6AMeBsPNQspFVUgriCNY8SuZPDMA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d097571197c3a49208b98cd83e519c84a8e1b6fca064bbc09b9724f1a5614c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:59:38 GMT
x-content-type-options: nosniff
age: 6113
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2695
x-xss-protection: 0
server: fife
etag: "v9d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 21 Apr 2022 15:11:41 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/R6cCMpPpq38/ Frame B615 56 KB
56 KB 85ms
43ms Image
image/webp 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/R6cCMpPpq38/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e63527ccd514eb60349df99f1d5ab8bd5631bc3b07861aa6c9103a2a500726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
x-content-type-options: nosniff
server: sffe
etag: "1651000810"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56918
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 27 Apr 2022 21:46:31 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
15ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 27 Apr 2022 21:41:31 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9F44 44 KB
22 KB 21ms
21ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b61ce71a5d280d5357c00b2bc32a93a2a9449c0c16f18773810340ea203f94d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22188
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/ Frame 9F44 118 KB
37 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc2727f6c5fed6de34d38219bc52410773f36d6070471d02ac291ae154160e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:53:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 542863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37660
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:53:48 GMT

GET
H3 200 mz7NBNV2Cg_tP0eo8e_kKg8I5SIuzjUX-Ml401fNPCc.js Show response
www.google.com/js/th/ Frame 9F44 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/mz7NBNV2Cg_tP0eo8e_kKg8I5SIuzjUX-Ml401fNPCc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b3ecd04d5760a0fed3f47a8f1efe42a0f08e5222ece3517f8c978d357cd3c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 05:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13664
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 05:07:53 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/ Frame 9F44 27 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0908f26f913f08109b7ed2df2ddf41da3ebc379fa679950761d214f2ca35b298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 543041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8163
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 00:15:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 14:50:50 GMT

GET
H2 200 logos-57fa7b02ddf9e5e08c849ebe09a0f712.svg
www.gofundme.com/_next/static/images/ Frame 3C35 23 KB
10 KB 37ms
36ms Other
image/svg+xml 13.32.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/_next/static/images/logos-57fa7b02ddf9e5e08c849ebe09a0f712.svg
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-51.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 96ca8cf41a85291cfcf7482d412f37b72631e1020eeeb6971d5d426ec43d58dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-bring-tynomite-to-life/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 21:09:40 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 20:42:17 GMT
server: nginx
age: 2334711
etag: W/"5dd8-17fe1b6f288"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: q4rCf29RmX8yYPEeJBW5c8YXNhM64qGIcgqsSlnLiSWsy58ip1u1Wg==

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A62F 102 B
134 B 18ms
18ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

20b97f4764680efdd44b021cb57bfb2b93850d0aaf8af024986393b0cb80f2d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdS-kUaAAAAAFb999kSImoypXQ48pRzdtfjCoK3&co=aHR0cHM6Ly93d3cud2V4bC5vcmc6NDQz&hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&theme=dark&size=normal&cb=cpmjz5ned1ep
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 27 Apr 2022 21:41:31 GMT

GET
DATA 200
OK truncated
/ Frame 9F44 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AKedOLRzAj-FcDzBpw6AMeBsPNQspFVUgriCNY8SuZPDMA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9F44 3 KB
3 KB 36ms
14ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRzAj-FcDzBpw6AMeBsPNQspFVUgriCNY8SuZPDMA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d097571197c3a49208b98cd83e519c84a8e1b6fca064bbc09b9724f1a5614c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:59:38 GMT
x-content-type-options: nosniff
age: 6113
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2695
x-xss-protection: 0
server: fife
etag: "v9d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 21 Apr 2022 15:11:41 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/DfnCTkYYCKI/ Frame 9F44 9 KB
9 KB 36ms
14ms Image
image/webp 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/DfnCTkYYCKI/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e8e622d0dee6022462e1ec5506bcf4252f3c4da42783c0e35ce1226fe28ac68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:17 GMT
x-content-type-options: nosniff
age: 14
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9306
x-xss-protection: 0
server: sffe
etag: "1651039312"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 27 Apr 2022 21:46:17 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 8114 7 KB
1 KB 21ms
21ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&k=6LdS-kUaAAAAAFb999kSImoypXQ48pRzdtfjCoK3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5220d3a42727947ef436ac36684dacae58201f9f6580c4343d30af826c2dd44e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GHHwKufugsENNddixzjkuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wexl.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1113
content-security-policy: script-src 'report-sample' 'nonce-GHHwKufugsENNddixzjkuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 21:41:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 497ms
167ms Preflight 44.231.106.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.231.106.81 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-231-106-81.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://www.gofundme.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 27 Apr 2022 21:41:31 GMT
strict-transport-security: max-age=15768000

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 3C35 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.gofundme.com
URL: https://www.gofundme.com/_next/static/chunks/pages/_app-439492015c33b74c470c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b66681a243dc0f275889d26be85e0fddb7a7a20846dc178d08be632d38c926f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lUyheyxs20tsBVCq8VDdTw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: 7EW0DzsVC4o5fu56RfUVEdsnugid7ox1lGov6vcB3h1mYCVtRJbZ2TU/TnmZlFzyfxGgQcrMSpO/YTfp62AY/A==
x-fb-trip-id: 686109401
x-fb-content-md5: 252f108e85325d28f70e55ad729d5ebe
x-frame-options: DENY
date: Wed, 27 Apr 2022 21:41:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b984ee11bba18e62ae4a1dae04ce6bba"
timing-allow-origin: *
expires: Wed, 27 Apr 2022 21:58:53 GMT

POST
H2 200 / Show response
api.amplitude.com/ Frame 3C35 7 B
167 B 171ms
171ms XHR
text/html 44.231.106.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.gofundme.com
URL: https://www.gofundme.com/_next/static/chunks/pages/_app-439492015c33b74c470c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.231.106.81 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-231-106-81.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.gofundme.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 21:41:32 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 3C35 376 KB
95 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDTFTZ

Requested by

Host: www.gofundme.com
URL: https://www.gofundme.com/_next/static/chunks/pages/_app-439492015c33b74c470c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9090f47c1e3d692d9252fe3dc9ff2191320ce02b6700374970796ab8f74c7d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96981
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 21:06:21 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Apr 2022 21:41:31 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame 8114 51 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&k=6LdS-kUaAAAAAFb999kSImoypXQ48pRzdtfjCoK3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 14:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 14:29:13 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame 8114 364 KB
144 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&k=6LdS-kUaAAAAAFb999kSImoypXQ48pRzdtfjCoK3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4d47dd6793fe24c23ab3c34f630ce5d0f42ef12a9e19eabd2fba286296647e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147479
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 21:24:01 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B615 4 KB
2 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 21:41:31 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9F44 4 KB
2 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 21:41:31 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame B615 0
9 B 12ms
11ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?OV3gIA
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 9F44 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?djlqSw
Requested by: Host: www.wexl.org
URL: https://www.wexl.org/tynomite
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 3C35 288 KB
82 KB 30ms
16ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=20abe43dd947a9924acbfbbcadb1e619

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3245d40174971bed9521b047d18bc48f0617762f758304457410c4ba985d92a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gofundme.com/
Origin: https://www.gofundme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fenZ4uYaC+BCQe0X4Hg5mA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84335
x-fb-rlafr: 0
x-fb-debug: R+IPnuzZkMRQMsgmrd34sKMHM9Kt8lwXkn68TnDTA2gK2AR3ekzLZbRMhBu/i1d2xvJUG7a1wt2nKsbL663l0g==
x-fb-content-md5: 1273bbd25baf8adce1fdf409695a69c9
x-frame-options: DENY
date: Wed, 27 Apr 2022 21:41:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "26d04e4b04cc446aa2d8a96ef44540b3"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Apr 2023 19:48:25 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/101/ Frame B615 52 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/101/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 08:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15395
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 19:36:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 28 Apr 2022 08:08:36 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/101/ Frame 9F44 52 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/101/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 08:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15395
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 19:36:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 28 Apr 2022 08:08:36 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9F44 98 B
142 B 34ms
33ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f17e98b5934cb8d95d08e5eec02388278b52c7328dc2cc85fe0557c8a90bd18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 21ms
21ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 27 Apr 2022 21:41:31 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3C35 49 KB
20 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDTFTZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5060
date: Wed, 27 Apr 2022 20:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 27 Apr 2022 22:17:11 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3C35 185 KB
67 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WF86BFEZ5L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDTFTZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

269fb483b3d7c5eb7a4439124d664050ee4c55982487bd52965a42c5e799b19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68733
x-xss-protection: 0
expires: Wed, 27 Apr 2022 21:41:31 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ Frame 3C35 523 B
644 B 85ms
27ms Script
application/javascript 178.250.2.140
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=92896

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDTFTZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.140 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

94cce8b3eba9ea85bb0ff279276eb94a7767255fab88c55f1cca7c464beb5ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B615 98 B
142 B 23ms
23ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38939ac2175bb42df679f2a0ffffcd68a2c296bbc58cc86b1e1c4caa4b4207a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
29ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 27 Apr 2022 21:41:31 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame 3C35 2 KB
884 B 14ms
13ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 27 Apr 2022 22:10:04 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ Frame 3C35 40 KB
13 KB 87ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=92896

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e17cc900f2c3e8e09d3a2d454c231fccc85c4d1c6164b05c1d5c482a51d21190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:31 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 22:51:55 GMT
server: nginx
etag: W/"6244df0b-a0be"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Apr 2022 21:41:31 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3BDC 14 KB
6 KB 66ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.wexl.org&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.gofundme.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5884
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 21:41:31 GMT
server-processing-duration-in-ticks: 2726
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 / Show response
api.amplitude.com/ Frame 3C35 7 B
167 B 166ms
165ms XHR
text/html 44.231.106.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.gofundme.com
URL: https://www.gofundme.com/_next/static/chunks/pages/_app-439492015c33b74c470c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.231.106.81 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-231-106-81.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.gofundme.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 21:41:32 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 160ms
159ms Preflight 44.231.106.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.231.106.81 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-231-106-81.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://www.gofundme.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 27 Apr 2022 21:41:32 GMT
strict-transport-security: max-age=15768000

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3BDC
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=www.gofundme.com&sn=ChromeSyncframe&so=0&topUrl=www.wexl.org&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=7TlrGnxPNVp1ZGxhZGUxZ0Z5Q1QrcndLQXZCV09uNDUwZXpDZ2NMcVpNYlFkZUFXNVBkaHNJVDZtaHpSTVNRdFZwSTg2ZkJ0U3B5eEVDWld3S2RSVC81VkxzbENpVWRoMkJkWGZOUzNCOGJkcEkxS2dBODEzbTRwN1dPNj...

430 B
630 B

106ms
34ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7TlrGnxPNVp1ZGxhZGUxZ0Z5Q1QrcndLQXZCV09uNDUwZXpDZ2NMcVpNYlFkZUFXNVBkaHNJVDZtaHpSTVNRdFZwSTg2ZkJ0U3B5eEVDWld3S2RSVC81VkxzbENpVWRoMkJkWGZOUzNCOGJkcEkxS2dBODEzbTRwN1dPNjc0ZDFDeTFxbjhsbjNvcEpEYnpiUU5ZYmpORjJPaGxMMGY3WGtEV29tSzFBckhIOHcwK2xTYVByZkJQRTVqcTkreWhsVm1NaUlDTGUwSjFxS0dFNzVpOCtOMzV3M3F2eG5abUtxUUk3WkwvaWpBVDB5L3NFdG41TW82MmhRcmFYcTVzZ1Q1RUc3UmI2amtEZjJWcnV6TmlXdy9GOVFkZm9jVjZ1VnU3R3h2M0VpTC9DdXpwST18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

54220dafce2baa28e0fe792fa2e292392dcac65752968e27b41ed7a545e2e7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:32 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4313
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:31 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=7TlrGnxPNVp1ZGxhZGUxZ0Z5Q1QrcndLQXZCV09uNDUwZXpDZ2NMcVpNYlFkZUFXNVBkaHNJVDZtaHpSTVNRdFZwSTg2ZkJ0U3B5eEVDWld3S2RSVC81VkxzbENpVWRoMkJkWGZOUzNCOGJkcEkxS2dBODEzbTRwN1dPNjc0ZDFDeTFxbjhsbjNvcEpEYnpiUU5ZYmpORjJPaGxMMGY3WGtEV29tSzFBckhIOHcwK2xTYVByZkJQRTVqcTkreWhsVm1NaUlDTGUwSjFxS0dFNzVpOCtOMzV3M3F2eG5abUtxUUk3WkwvaWpBVDB5L3NFdG41TW82MmhRcmFYcTVzZ1Q1RUc3UmI2amtEZjJWcnV6TmlXdy9GOVFkZm9jVjZ1VnU3R3h2M0VpTC9DdXpwST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1627
content-length: 567
expires: 0

GET
H2

200

event Show response
widget.us.criteo.com/ Frame 3C35
Redirect Chain

https://sslwidget.criteo.com/event?a=92896&v=5.9.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.wexl.org&p1=e%3Dvl%26p%3D%255B1%255D&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=wEH4aV9kdVNXZy...
https://widget.us.criteo.com/event?a=92896&v=5.9.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.wexl.org&p1=e%3Dvl%26p%3D%255B1%255D&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=wEH4aV9kdVNXZy...

8 KB
8 KB

317ms
113ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=92896&v=5.9.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.wexl.org&p1=e%3Dvl%26p%3D%255B1%255D&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=wEH4aV9kdVNXZyUyQlp3S1JLalRtSm1rR2lJZWoyRnU3aiUyQjhSbm5BYVVnY2NTb0VoN1RGV2U5T0VLaUxtbUdJRFpwbjR5SUhOd01tQmJkTnYxRnpYZjdudFdTVkwwRks3M0dEUkdROFNvYWdQYUhUajNKdnFDamV2T1E0VDJteDFxTlJ0cFo1TkJHelZUZGpNbHF5YllZVmoxeldRJTNEJTNE&tld=www.gofundme.com&dy=1&fu=https%3A%2F%2Fwww.wexl.org&dtycbr=36472

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1b18299768628f557dc7cd99846ff10a4685a251dca7f90352347bd9ff578541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:31 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 15422291
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:32 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=92896&v=5.9.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.wexl.org&p1=e%3Dvl%26p%3D%255B1%255D&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=wEH4aV9kdVNXZyUyQlp3S1JLalRtSm1rR2lJZWoyRnU3aiUyQjhSbm5BYVVnY2NTb0VoN1RGV2U5T0VLaUxtbUdJRFpwbjR5SUhOd01tQmJkTnYxRnpYZjdudFdTVkwwRks3M0dEUkdROFNvYWdQYUhUajNKdnFDamV2T1E0VDJteDFxTlJ0cFo1TkJHelZUZGpNbHF5YllZVmoxeldRJTNEJTNE&tld=www.gofundme.com&dy=1&fu=https%3A%2F%2Fwww.wexl.org&dtycbr=36472
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6349819
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame 252F
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=rkrs9UXd7X1i6VnIRqNG8sLG95snzVaK

42 B
449 B

37ms
16ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=rkrs9UXd7X1i6VnIRqNG8sLG95snzVaK
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 21:41:32 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=rkrs9UXd7X1i6VnIRqNG8sLG95snzVaK
date: Wed, 27 Apr 2022 21:41:31 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2865
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 252F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay0waERvNkUxU1pIQ3Y0SXhoNmZWMi1WckZIbGZJd00wNkNKaWphZw
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&google_hm=ay0waERvNkUxU1pIQ3Y0SXhoNmZWMi1WckZIbGZJd00wNkNKaWphZw&google_tc=
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
370 B

57ms
17ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:32 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 243171
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame 252F 0
232 B 134ms
31ms Image
text/html 52.211.18.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-0hDo6E1SZHCv4Ixh6fV2-VrFHlfIwM06CJijag&custom=&tag_format=img&tag_action=sync&custom=&cb=ede8945a-e20b-4def-96c6-2d98a32ce1c9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.18.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-18-45.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 21:41:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame 252F 42 B
178 B 61ms
21ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-0hDo6E1SZHCv4Ixh6fV2-VrFHlfIwM06CJijag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 21:41:32 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 252F 0
194 B 58ms
15ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:32 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 252F 43 B
632 B 108ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:32 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 27 Apr 2022 21:41:32 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 252F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QzD_O01SZHCv4Ixh6fV2-VrFHlcuVGVheLWCQg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QzD_O01SZHCv4Ixh6fV2-VrFHlcuVGVheLWCQg&verify=true

0
122 B

14ms
14ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QzD_O01SZHCv4Ixh6fV2-VrFHlcuVGVheLWCQg&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:32 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QzD_O01SZHCv4Ixh6fV2-VrFHlcuVGVheLWCQg&verify=true
date: Wed, 27 Apr 2022 21:41:32 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 252F 0
476 B 388ms
114ms Image
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-rZ8RN01SZHCv4Ixh6fV2-VrFHldoZVP2NFgeiw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 21:41:33 GMT
Cache-Control: no-cache
X-TraceId: 6d443c2024f0e4083ebb3ccc6be1d8cf
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame 252F 0
427 B 212ms
139ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-s0HQOU1SZHCv4Ixh6fV2-VrFHleVMSiz3tTdOQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 27 Apr 2022 21:41:32 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 252F 0
239 B 57ms
12ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-s0HQOU1SZHCv4Ixh6fV2-VrFHleVMSiz3tTdOQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 252F
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-vkrBy01SZHCv4Ixh6fV2-VrFHlcZ9onqyDhJ4Q&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-vkrBy01SZHCv4Ixh6fV2-VrFHlcZ9onqyDhJ4Q%26seg%3D95287

43 B
1 KB

24ms
22ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-vkrBy01SZHCv4Ixh6fV2-VrFHlcZ9onqyDhJ4Q%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 21:41:32 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4e8aef25-4ec6-454a-a5d0-9026da8254b3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 21:41:32 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c0a02f27-a452-46bb-90b5-7651dc5cc95b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-vkrBy01SZHCv4Ixh6fV2-VrFHlcZ9onqyDhJ4Q%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 252F
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8409258397369466874

43 B
370 B

17ms
17ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8409258397369466874

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:32 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1841608
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 21:41:32 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5300977f-41f9-4cb9-a0f8-7515c90d62c7
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8409258397369466874
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 252F 42 B
676 B 72ms
22ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-hZIxsk1SZHCv4Ixh6fV2-VrFHlfplk8AseSe_g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:32 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug028:0:457
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/ Frame 252F
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-LhY1w01SZHCv4Ixh6fV2-VrFHlcBiZFFY1wTlg&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-LhY1w01SZHCv4Ixh6fV2-VrFHlcBiZFFY1wTlg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

11ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-LhY1w01SZHCv4Ixh6fV2-VrFHlcBiZFFY1wTlg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-LhY1w01SZHCv4Ixh6fV2-VrFHlcBiZFFY1wTlg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Wed, 27 Apr 2022 21:41:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cksync.php
contextual.media.net/ Frame 252F 45 B
783 B 131ms
58ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Jsj4kU1SZHCv4Ixh6fV2-VrFHlcz2929WDSoqg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Wed, 27 Apr 2022 21:41:32 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 27 Apr 2022 21:41:32 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 252F
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-n7uxaU1SZHCv4Ixh6fV2-VrFHlewXkesNPiwSg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-n7uxaU1SZHCv4Ixh6fV2-VrFHlewXkesNPiwSg&C=1

43 B
1 KB

36ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-n7uxaU1SZHCv4Ixh6fV2-VrFHlewXkesNPiwSg&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 21:41:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 27 Apr 2022 21:41:32 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 21:41:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-n7uxaU1SZHCv4Ixh6fV2-VrFHlewXkesNPiwSg&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Wed, 27 Apr 2022 21:41:32 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 252F
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-G39HKk1SZHCv4Ixh6fV2-VrFHle-JfY5SsBRMA&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-G39HKk1SZHCv4Ixh6fV2-VrFHle-JfY5SsBRMA&expires=30&user_group=5

43 B
495 B

8ms
7ms

Image
image/gif

3.121.19.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-G39HKk1SZHCv4Ixh6fV2-VrFHle-JfY5SsBRMA&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 3.121.19.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-19-101.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 21:41:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-G39HKk1SZHCv4Ixh6fV2-VrFHle-JfY5SsBRMA&expires=30&user_group=5
Date: Wed, 27 Apr 2022 21:41:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 252F 35 B
336 B 107ms
35ms Image
image/gif 52.210.228.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-eFgPwk1SZHCv4Ixh6fV2-VrFHlfgLJCjMtjeew
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.228.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-228-8.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:32 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame 252F 23 B
172 B 150ms
57ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-L8v47U1SZHCv4Ixh6fV2-VrFHle_CIBHgsoACw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 27 Apr 2022 21:41:32 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 252F 0
99 B 55ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-2cY5LE1SZHCv4Ixh6fV2-VrFHldzddUaWsNfPg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13378

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 252F 43 B
163 B 76ms
23ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-FGvfcU1SZHCv4Ixh6fV2-VrFHlfOLQE0iB5q3A
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:32 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 252F 68 B
262 B 41ms
7ms Image
image/png 3.120.83.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-E_LzoU1SZHCv4Ixh6fV2-VrFHlfqMujW_e8skw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.83.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-83-85.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:32 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 252F
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-8mXtv01SZHCv4Ixh6fV2-VrFHlczoCTPK5bR4A
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-8mXtv01SZHCv4Ixh6fV2-VrFHlczoCTPK5bR4A

43 B
446 B

66ms
65ms

Image
image/gif

54.78.175.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-8mXtv01SZHCv4Ixh6fV2-VrFHlczoCTPK5bR4A
Protocol: H2
Server: 54.78.175.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-175-206.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 21:41:33 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-8mXtv01SZHCv4Ixh6fV2-VrFHlczoCTPK5bR4A
date: Wed, 27 Apr 2022 21:41:32 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 252F
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yYr7401SZHCv4Ixh6fV2-VrFHle8SVZwa9TgoQ
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yYr7401SZHCv4Ixh6fV2-VrFHle8SVZwa9TgoQ&_li_chk=true&previous_uuid=bf38c95e456c42b990c864a0bbc0b907
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yYr7401SZHCv4Ixh6fV2-VrFHle8SVZwa9TgoQ

43 B
419 B

293ms
93ms

Image
image/gif

2600:1f18:444a:4680:5b76:7408:bdd4:1592
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yYr7401SZHCv4Ixh6fV2-VrFHle8SVZwa9TgoQ

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:5b76:7408:bdd4:1592 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 21:41:33 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yYr7401SZHCv4Ixh6fV2-VrFHle8SVZwa9TgoQ
Date: Wed, 27 Apr 2022 21:41:32 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 252F 43 B
428 B 516ms
160ms Image
image/gif 52.9.210.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-NIYv7k1SZHCv4Ixh6fV2-VrFHleMfyrTGARN2Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.210.200 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-210-200.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:33 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 252F 43 B
183 B 323ms
92ms Image
image/gif 2600:1f18:612b:4264:cf98:6d7b:6943:bef0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-CFHPGE1SZHCv4Ixh6fV2-VrFHldWhtnyVIRyFw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:cf98:6d7b:6943:bef0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:33 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame 252F
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-Qpr4mk1SZHCv4Ixh6fV2-VrFHleueXVjEOF_-Q&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

52ms
7ms

Image
image/gif

2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 21:41:33 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1651095693.dop011.fr8.t,1651095693.cds154.fr8.shn,1651095693.cds154.fr8.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 21:41:33 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1651095692900068-368
Expires: Wed, 27 Apr 2022 21:41:33 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 252F 40 B
40 B 54ms
15ms Image
text/html 3.64.24.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-YXXqYU1SZHCv4Ixh6fV2-VrFHlcnq2qrncdVDw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.24.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-24-144.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:41:32 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 252F
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/1UpYJxEC7GjbCji3y8hyfAUJeHOJ4RVb/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4166246031684784998

43 B
370 B

18ms
18ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4166246031684784998

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:31 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2616166
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4166246031684784998
pragma: no-cache
date: Wed, 27 Apr 2022 21:41:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 252F
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8409258397369466874

43 B
369 B

53ms
53ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8409258397369466874

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 21:41:32 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 833136
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 21:41:32 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4859b5a5-d1de-4dda-a7e1-e7f2e7f84d98
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8409258397369466874
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B615 28 B
54 B 24ms
23ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/R6cCMpPpq38?wmode=opaque&enablejsapi=1
X-YouTube-Client-Version: 1.20220420.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs1U2doOHh3VXVuQSiK8aaTBg%3D%3D
X-YouTube-Ad-Signals: dt=1651095690804&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C627%2C353&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 27 Apr 2022 21:41:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 27 Apr 2022 21:41:33 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9F44 28 B
54 B 22ms
22ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/DfnCTkYYCKI?wmode=opaque&enablejsapi=1
X-YouTube-Client-Version: 1.20220420.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtqMkFHMXI2QWtmdyiK8aaTBg%3D%3D
X-YouTube-Ad-Signals: dt=1651095690733&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C533%2C300&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 27 Apr 2022 21:41:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 27 Apr 2022 21:41:33 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 03:21:27	Name: _li_ss Value: MgkI_____wcQkxI
www.wexl.org/	1969-12-31 23:59:59	Name: crumb Value: BUxdK1ptKSkgMTc1OTE1Y2U1MmUyMDY4MWEzYzg2MzMxNDZjOGFk
www.wexl.org/	1970-01-20 20:09:27	Name: ss_cvr Value: 18712f89-ee9b-43af-98b3-0e3a88baf08c\|1651095690530\|1651095690530\|1651095690530\|1
www.wexl.org/	1970-01-20 02:38:17	Name: ss_cvt Value: 1651095690530
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: -GZkDswwJDM
.youtube.com/	1970-01-20 06:57:27	Name: VISITOR_INFO1_LIVE Value: j2AG1r6Akfw
.wexl.org/	1970-01-20 20:09:27	Name: _ga Value: GA1.2.1711767771.1651095691
.wexl.org/	1970-01-20 02:39:42	Name: _gid Value: GA1.2.134626401.1651095691
.wexl.org/	1970-01-20 02:38:15	Name: _gat_gtag_UA_97548702_1 Value: 1
.criteo.com/	1970-01-20 11:59:51	Name: uid Value: bce10eba-6481-4327-890e-438c3d32d1bf
.rlcdn.com/	1970-01-20 11:23:51	Name: rlas3 Value: rlFICHZxxTw3NmuJ9fNiCNO7ezq3YzwXcZVihnn4ijU=
.rlcdn.com/	1970-01-20 04:04:39	Name: pxrc Value: CAA=
.analytics.yahoo.com/	1970-01-20 11:23:51	Name: IDSYNC Value: 18zh~24kl
.3lift.com/	1970-01-20 04:47:51	Name: tluid Value: 2828321028446207153196
.doubleclick.net/	1970-01-20 11:59:51	Name: IDE Value: AHWqTUk3ya2BqI26dbD5o7rwhj5sZth6sXRo_3u8Dn-BV8vIOB9MY8spdFgYkLcR8I4
.yahoo.com/	1970-01-20 11:24:13	Name: A3 Value: d=AQABBIy4aWICEJ0XnT7qP7dDoL2cUPIYcz8FEgEBAQEKa2JzYgAAAAAA_eMAAA&S=AQAAAp6ECROYq5M6OHJoRomgO-g
.adnxs.com/	1970-01-20 04:47:51	Name: uuid2 Value: 8409258397369466874
.pubmatic.com/	1970-01-20 03:21:27	Name: KRTBCOOKIE_97 Value: 3385-uid:k-hZIxsk1SZHCv4Ixh6fV2-VrFHlfplk8AseSe_g&KRTB&23144-uid:k-hZIxsk1SZHCv4Ixh6fV2-VrFHlfplk8AseSe_g&KRTB&23286-uid:k-hZIxsk1SZHCv4Ixh6fV2-VrFHlfplk8AseSe_g&KRTB&23287-uid:k-hZIxsk1SZHCv4Ixh6fV2-VrFHlfplk8AseSe_g
.pubmatic.com/	1970-01-20 03:21:27	Name: PugT Value: 1651095692
.pubmatic.com/	1970-01-20 04:47:51	Name: PUBMDCID Value: 3
.bidswitch.net/	1970-01-20 11:23:51	Name: tuuid Value: 78cb667f-1a58-40d2-90dc-d34ceb337d7c
.bidswitch.net/	1970-01-20 11:23:51	Name: c Value: 1651095692
.bidswitch.net/	1970-01-20 11:23:51	Name: tuuid_lu Value: 1651095692
.turn.com/	1970-01-20 06:57:27	Name: uid Value: 4166246031684784998
.media.net/	1970-01-20 11:23:51	Name: visitor-id Value: 2940972928886339000V10
.media.net/	1970-01-20 03:21:27	Name: data-c-ts Value: 1651095692
.media.net/	1970-01-20 03:21:27	Name: data-c Value: k-Jsj4kU1SZHCv4Ixh6fV2-VrFHlcz2929WDSoqg~~3
.sharethrough.com/	1970-01-20 03:21:27	Name: stx_user_id Value: ed5f6a7d-b679-45e6-887a-d5c849f1cddf
.addthis.com/	1970-01-20 11:59:51	Name: ouid Value: 6269b88c00016e7f77ed255f94dc0d9f68f7b4c44f6027c9aa50
.addthis.com/	1970-01-20 11:59:51	Name: uid Value: 6269b88c377bf968
.addthis.com/	1970-01-20 11:59:51	Name: na_id Value: 2022042721413282100722418189
.casalemedia.com/	1970-01-20 11:23:51	Name: CMID Value: Ymm4jDK0M4HZZeUvdT7hVQAA
.casalemedia.com/	1970-01-20 04:47:51	Name: CMPS Value: 5202
.revcontent.com/	1970-02-07 08:38:15	Name: __ID Value: a35603ec4e0849bcb7dd293915cdf152
.revcontent.com/	1970-01-20 03:21:27	Name: v1_151 Value: 1
.casalemedia.com/	1970-01-20 04:47:51	Name: CMPRO Value: 1213
.casalemedia.com/	1970-01-20 02:39:42	Name: CMST Value: Ymm4jGJpuIwA
.casalemedia.com/	1970-01-20 11:23:51	Name: CMRUM3 Value: 146269b88c2760k-n7uxaU1SZHCv4Ixh6fV2-VrFHlewXkesNPiwSg
exchange.mediavine.com/	1970-01-20 02:58:25	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22ce2e1260-c672-11ec-9e7d-0b3018006118%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 02:58:25	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ce2e1260-c672-11ec-9e7d-0b3018006118%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 02:58:25	Name: criteo Value: %7B%22id%22%3A%22k-YXXqYU1SZHCv4Ixh6fV2-VrFHlcnq2qrncdVDw%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-20 04:47:51	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2C%uiJns!fss0=RroE7VW]Fp9SvEN`D/+En_OKwZ1^K_NDFZ4kkSP+':Io@V8zp6!M`as%(V#>JiOB[2!INl$]kNya!tNhToj^X:qj
.360yield.com/	1970-01-20 04:47:51	Name: tuuid Value: 817bd991-b0a9-4ead-bbd9-09e69d5ce238
.360yield.com/	1970-01-20 04:47:51	Name: tuuid_lu Value: 1651095692
.360yield.com/	1970-01-20 04:47:51	Name: um Value: !38,hbsNkQ86NX3U3vBWc9Hok.GBU0xHLkUo1-pBBn7tsfOzSg6IKA3gugxdRRhCTq8bAjhaJ638,1658871693
.360yield.com/	1970-01-20 04:47:51	Name: umeh Value: !38,0,1713303693,-1
.outbrain.com/	1970-01-20 04:47:51	Name: obuid Value: e819b140-8a39-43e1-8a9e-8b4b3b0c5016
.outbrain.com/	1970-01-20 03:07:03	Name: criteo Value: k-rZ8RN01SZHCv4Ixh6fV2-VrFHldoZVP2NFgeiw
ads.stickyadstv.com/	1970-01-20 03:21:27	Name: UID Value: 5c715f3e1691a122f1a57f06b4850dd
ads.stickyadstv.com/	1970-01-20 03:21:27	Name: uid-bp-11554 Value: k-Qpr4mk1SZHCv4Ixh6fV2-VrFHleueXVjEOF_-Q
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 53ca51dcd88f503affc0d241c4747ca3
.liadm.com/	1970-01-20 20:09:27	Name: lidid Value: bf38c95e-456c-42b9-90c8-64a0bbc0b907
.postrelease.com/	1970-01-20 11:23:51	Name: opt_out Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
api.amplitude.com
assets.squarespace.com
cdn.stickyadstv.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
d.turn.com
dis.criteo.com
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i.ytimg.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
images.squarespace-cdn.com
jadserve.postrelease.com
jnn-pa.googleapis.com
match.sharethrough.com
mug.criteo.com
p.typekit.net
partner.mediawallahscript.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
static.doubleclick.net
static1.squarespace.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
trends.revcontent.com
u14608870.ct.sendgrid.net
ups.analytics.yahoo.com
use.typekit.net
widget.us.criteo.com
www.gofundme.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.wexl.org
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.111.242.245
104.75.88.126
13.32.21.51
141.226.228.48
142.250.186.98
151.101.128.238
151.101.192.238
151.101.64.237
167.89.123.122
178.250.0.157
178.250.0.163
178.250.2.140
178.250.2.151
18.209.3.188
185.33.220.145
185.33.221.52
185.64.190.80
185.86.137.133
198.185.159.144
2.18.234.21
2.18.234.233
2.18.235.93
2001:4de0:ac19::1:b:2b
2001:678:cb4:bbbb::13
212.82.100.181
2600:1f18:444a:4680:5b76:7408:bdd4:1592
2600:1f18:612b:4264:cf98:6d7b:6943:bef0
2606:4700::6811:190e
2a00:1288:80:807::2
2a00:1450:4001:80e::2001
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:827::2016
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9a
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:7::17d8:4dc9
2a02:26f0:3500:7::17d8:4dd1
2a03:2880:f01c:8012:face:b00c:0:3
3.120.83.85
3.121.19.101
3.126.56.137
3.64.24.144
35.244.174.68
44.231.106.81
52.210.228.8
52.211.18.45
52.9.210.200
54.78.175.206
64.202.112.223
69.173.144.138
74.119.119.150
76.223.111.18
037709da281376828e43211b173f1f202861ff95fcfd8c32948bae02c66092e4
0444d9ed5cf970b79756975b451452d4d5f25e98023722385b19596739d81a03
0908f26f913f08109b7ed2df2ddf41da3ebc379fa679950761d214f2ca35b298
095e9c8ccd5f0d3e01056097d0dba6ed3860ede26cda210079d9321b287ea18a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0eaab559607fdc210e8484c5bfa05b420e072b0eff79f39732cb051acf897021
1b18299768628f557dc7cd99846ff10a4685a251dca7f90352347bd9ff578541
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ba4db8a8b47e7401e2ce265e599728073542f70940cb889c6315f3c4e23da0e
1e8e622d0dee6022462e1ec5506bcf4252f3c4da42783c0e35ce1226fe28ac68
20b97f4764680efdd44b021cb57bfb2b93850d0aaf8af024986393b0cb80f2d0
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
269fb483b3d7c5eb7a4439124d664050ee4c55982487bd52965a42c5e799b19d
3245d40174971bed9521b047d18bc48f0617762f758304457410c4ba985d92a5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34ef86b5824cdbbe252414bf72133d11f08163adb910e43fcde0c0bd41989e69
383fc3268ee0a63637a8393624dd12518467d16ce116617e5f9e2653231907ae
38939ac2175bb42df679f2a0ffffcd68a2c296bbc58cc86b1e1c4caa4b4207a5
3b8f19eb63a03fc43418c949401ee749fc9c4cecdda34a6338131ba214255011
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42bf8a88695144bb005734574e54b19b301270067daea818c559a40532bdaca4
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4509f2fd94e3cabe71c48ce9ea040083ef1a9c07fbf0e95ee1f8fd6072fca28b
458f300e4b29ae98dcd3ce514add1240c99e42f16a3bdaaf794fd1c83caab5c8
48db5f5c8a83c915630be7954426e31fde7a0f9dce1435097b5327ada7faa2d4
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e48248515dcf2b585e2895fe1b9aef6b9b7c8a09f51be44f3c06b6a1fb2b3ae
4f00c6240c80fe1c5b9e2381fcbb44eae5b4ff774ef66ba5a4d22f15beb9ff6f
4f17e98b5934cb8d95d08e5eec02388278b52c7328dc2cc85fe0557c8a90bd18
50082afeead0afa4573015bc3dcf08a35f3ecdbe660ffba92f905c00e03665bb
5220d3a42727947ef436ac36684dacae58201f9f6580c4343d30af826c2dd44e
52ae61c0720ae779b166ba75eb15923913725a390383be86868c33bfc191c1fe
5355ec44c12fffe344c1e02fea96602eaae185e37a7266eb42471798ba380ca7
54220dafce2baa28e0fe792fa2e292392dcac65752968e27b41ed7a545e2e7ac
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58d31cb9d33d4f43469b4c31183578a121cb2ba92dfaaad1d998dfca812088c0
58dc2f9ecbfa85accf8b5b67e283ba5b32fafc4769e6244a271ebb80d8a2efcf
5aa4d710eb97e7dc65d20f8a3b814646481b69ad60a513bfd95fa8bdcdc71eb6
5b34de5b1aca999ad6a9157f5bc7964ce6545dac2e8ff0f8e9dc174d98d74901
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6878494911fcfdccde922348605c3cc9289d26c8321f421ba9cdad47defae25c
69685585b65f0bd255a1aeb48364a80773e33bcd185d56555320f33bdc8b5957
6a801f781b109838b64c593ffbabaeb97e553d349540a9636cb63e23a8479423
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b66681a243dc0f275889d26be85e0fddb7a7a20846dc178d08be632d38c926f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6efbf5fe6222b467c11d301ab3d0c4e9f5137a15a2023af3fe15ed653e3393b6
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0
7387021408574afb13687c47d583f43c70cf9511d5dfd772be64f8ec975895a8
78957815b251475c6757b01b8d2b1172210ce4c041365d4f31efd41ba628b1e5
7dc2181f67db2cb889c9500a17d0244e21c8cfaecf4eb00f0a3f60426638ea46
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
829fcc8d760190e6103b4787463b47f9bcaca6c0d1d2803fd6182b570aa9ceba
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
856a731aae8bd0a2a66994734407c0adf8c49778fe7d38017e3aeb3c14d6f888
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b1bdb8dcef31726354a858b4da347b5c090e01151455ab3cbb9863626608880
8d7c5e4b4672867b08e5402ff4cf79df0e35ab34b859db1a182b952b7bca9984
8e6674e74fddb72bfd2c6b00851c2172b7ca2b1d9392c29520f8a07fb8edf561
8fe7f93aae648e4fb320b90822ab283c97698db81478185f2368745ecf0f86fc
9090f47c1e3d692d9252fe3dc9ff2191320ce02b6700374970796ab8f74c7d38
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94cce8b3eba9ea85bb0ff279276eb94a7767255fab88c55f1cca7c464beb5ea5
96ca8cf41a85291cfcf7482d412f37b72631e1020eeeb6971d5d426ec43d58dd
97e63527ccd514eb60349df99f1d5ab8bd5631bc3b07861aa6c9103a2a500726
9ae4ad9770e5aa4a4e8063188195c8bc42300dab8f133f05211d7036c43b236d
9b3ecd04d5760a0fed3f47a8f1efe42a0f08e5222ece3517f8c978d357cd3c27
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9e65860ead088b288f450d2585f9a756c45e9e59895f0657a16e58a681065e88
9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a335034c7cafef2c77fcbf69ab399efbaa0fb72fa405b2d92c502c6b64d21edc
a4d47dd6793fe24c23ab3c34f630ce5d0f42ef12a9e19eabd2fba286296647e9
a66a4d6c7ece15afe1f5bc4026501afbf05c20964f505ff84b56760fce0f3270
ac9f3d55b660a506581c2791a3a5cd121e17d69b9b10ef099f16c9c1f5901882
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af6f2c85ecc99d72bcc3598161f057c701338bfe66584d9d588dfe3ea6fafd92
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b482daa082c32764d27b36957e88628b5888ed11d715321d26faf9b25887cb5f
b4e1e58a7a609cf1313dc14ec228403aed7a9d2460b6336a4287b8de1c341950
b61ce71a5d280d5357c00b2bc32a93a2a9449c0c16f18773810340ea203f94d2
b74454deefbb15de437127fed9832cd0c97266e8049de653ef665a9ffb6895d6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb53f807e4c0dcad0404b2860de50e050584e6511b1541acc7b730c810d7181e
c152d0d0df0378fc80f8d44b07b2de0aa5e27503721c869e204beb4d3ed1b8ac
c3d1ab3a386ac9a294b10e90ef7b9da329b83f1f36b42328b03a8642baf214df
c47c1d105ddb366167adbe690d8df532256209722ec16e3fc098b37e8dacea0a
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c5381b5cd455b34611acb94001f1827144407153d61c6ff599b6761ed3a1391b
c9cd6f4424f3f5f4a1486c19694f5f4621aff488f1c329ceef66fa33049b3ee8
ca46689794100df4f1f46450f1b5393b42b0201c0a6102fa370d4521751e49f3
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc96b1aa8a2e8765ef4617ab3f7fe74f6446cd5d0ea1bf4e7d301ed08b85b8ab
d097571197c3a49208b98cd83e519c84a8e1b6fca064bbc09b9724f1a5614c8f
d6a336496e10def9cadfac527aaaeb74c84c5f16d15adfaf247d1f571c6203a0
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db61fbfb9e15c7371cc7d82daef4b57243a17129a7797f3af5d057d010c95b88
dc2727f6c5fed6de34d38219bc52410773f36d6070471d02ac291ae154160e69
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e140022b28f49866c83fc34eafbe550e1af89819eeb46b52d68ca1385402e3c6
e17cc900f2c3e8e09d3a2d454c231fccc85c4d1c6164b05c1d5c482a51d21190
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1096de525ecd4549a0dea1507686fd365db607cddc697686b0f7ce81a9bdbab
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f22fbdebcfd128fa25b16905492582646b3c4ae90d3a70f8f6d7163578ef3181
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7c4aafd2597166d7192b560f072a466fed9c54d72e6e1dc311a0c9c6b0c2e76
f890ccc79170bbc968c2c2052553b8f7a6b300d10a7181d6c6993dc016fdbce0
fc4f04722298649f4225633e241779243eb23dafe5701fc118be40e5cc0322e7

www.wexl.org Open in urlscan Pro 198.185.159.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

164 Requests

90 %HTTPS

39 %IPv6

44 Domains

61 Subdomains

55 IPs

7 Countries

4874 kBTransfer

17366 kBSize

53 Cookies

1 Outgoing links

Page URL History

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wexl.org Open in urlscan Pro
198.185.159.144 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

90 %
HTTPS

39 %
IPv6

44
Domains

61
Subdomains

55
IPs

7
Countries

4874 kB
Transfer

17366 kB
Size

53
Cookies

164 HTTP transactions
4 data transactions