Submitted URL: http://flyawaybear.nl/
Effective URL: https://flyawaybear.nl/
Submission: On December 07 via manual from US — Scanned from NL

Summary

This website contacted 36 IPs in 9 countries across 32 domains to perform 88 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is flyawaybear.nl.
TLS certificate: Issued by GTS CA 1P5 on December 7th 2023. Valid for: 3 months.
This is the only time flyawaybear.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 88.221.110.90 20940 (AKAMAI-ASN1)
5 2a03:2880:f04... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
6 193.108.153.24 20940 (AKAMAI-ASN1)
2 70.39.189.181 54994 (ML-1432-5...)
6 52.201.139.150 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
3 70.39.189.182 3257 (GTT-BACKB...)
2 2a02:26f0:780... 20940 (AKAMAI-ASN1)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 182.22.25.124 23816 (YAHOO Yah...)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2600:9000:214... 16509 (AMAZON-02)
1 35.186.249.72 15169 (GOOGLE)
1 34.102.147.248 396982 (GOOGLE-CL...)
1 104.248.96.70 14061 (DIGITALOC...)
1 23.56.200.15 16625 (AKAMAI-AS)
1 47.243.241.30 45102 (ALIBABA-C...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 54.236.80.3 14618 (AMAZON-AES)
3 34.98.67.3 396982 (GOOGLE-CL...)
1 2 47.91.89.51 45102 (ALIBABA-C...)
1 2001:4860:480... 15169 (GOOGLE)
2 2 35.244.174.68 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
1 110.93.147.30 23576 (NHN-AS-KR...)
1 52.214.247.29 16509 (AMAZON-02)
88 36
Apex Domain
Subdomains
Transfer
9 gstatic.com
fonts.gstatic.com
171 KB
8 edrawmind.com
www.edrawmind.com — Cisco Umbrella Rank: 402599
images.edrawmind.com — Cisco Umbrella Rank: 543545
3 MB
6 edrawsoft.com
account.edrawsoft.com — Cisco Umbrella Rank: 407856
www.edrawsoft.com — Cisco Umbrella Rank: 209837
images.edrawsoft.com — Cisco Umbrella Rank: 166639
64 KB
6 allstatics.com
neveragain.allstatics.com — Cisco Umbrella Rank: 83076
110 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
264 KB
4 linkconnector.com
www.linkconnector.com — Cisco Umbrella Rank: 38881
4 KB
4 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2199
56 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
2 KB
4 wondershare.com
dc-static.wondershare.com — Cisco Umbrella Rank: 60950
images.wondershare.com — Cisco Umbrella Rank: 56926
accounts.wondershare.com — Cisco Umbrella Rank: 184687
18 KB
3 linksynergy.com
ut.rd.linksynergy.com — Cisco Umbrella Rank: 6223
consent.linksynergy.com — Cisco Umbrella Rank: 19869
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4434
977 B
3 google.nl
www.google.nl — Cisco Umbrella Rank: 9642
669 B
3 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2693
816 B
3 artfut.com
www.artfut.com — Cisco Umbrella Rank: 29484
16 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 329
14 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 flyawaybear.nl
flyawaybear.nl
20 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
836 B
2 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 3662
23 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 edrawmax.com
images.edrawmax.com — Cisco Umbrella Rank: 164752
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
201 KB
1 roeye.com
lantern.roeye.com — Cisco Umbrella Rank: 7156
128 B
1 naver.com
wcs.naver.com — Cisco Umbrella Rank: 22963
631 B
1 roeyecdn.com
lantern.roeyecdn.com — Cisco Umbrella Rank: 7355
2 KB
1 loggly.com
logs-01.loggly.com — Cisco Umbrella Rank: 11389
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 partnerboost.com
app.partnerboost.com — Cisco Umbrella Rank: 86917
15 KB
1 naver.net
wcs.naver.net — Cisco Umbrella Rank: 21124
8 KB
1 indoleads.com
trk.indoleads.com — Cisco Umbrella Rank: 122918
4 KB
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 5888
14 KB
1 impactcdn.com
utt.impactcdn.com — Cisco Umbrella Rank: 3071
14 KB
1 yimg.jp
s.yimg.jp — Cisco Umbrella Rank: 8112
9 KB
88 32
Domain Requested by
9 fonts.gstatic.com fonts.googleapis.com
6 neveragain.allstatics.com flyawaybear.nl
5 www.edrawmind.com flyawaybear.nl
5 connect.facebook.net flyawaybear.nl
connect.facebook.net
4 www.linkconnector.com www.googletagmanager.com
www.linkconnector.com
flyawaybear.nl
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 www.google.nl flyawaybear.nl
3 www.artfut.com www.googletagmanager.com
www.artfut.com
3 bat.bing.com flyawaybear.nl
bat.bing.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 images.edrawsoft.com flyawaybear.nl
3 images.edrawmind.com flyawaybear.nl
3 flyawaybear.nl 1 redirects images.wondershare.com
2 idsync.rlcdn.com 2 redirects
2 accounts.wondershare.com 1 redirects flyawaybear.nl
2 www.google.com flyawaybear.nl
2 www.dwin1.com www.googletagmanager.com
2 www.edrawsoft.com flyawaybear.nl
2 fonts.googleapis.com flyawaybear.nl
2 images.edrawmax.com flyawaybear.nl
2 www.googletagmanager.com flyawaybear.nl
www.googletagmanager.com
1 lantern.roeye.com flyawaybear.nl
1 wcs.naver.com wcs.naver.net
1 lantern.roeyecdn.com www.dwin1.com
1 tags.rd.linksynergy.com flyawaybear.nl
1 region1.analytics.google.com www.googletagmanager.com
1 consent.linksynergy.com flyawaybear.nl
1 ut.rd.linksynergy.com tag.rmp.rakuten.com
1 logs-01.loggly.com flyawaybear.nl
1 www.facebook.com flyawaybear.nl
1 app.partnerboost.com images.wondershare.com
1 wcs.naver.net www.googletagmanager.com
1 trk.indoleads.com www.googletagmanager.com
1 tag.rmp.rakuten.com flyawaybear.nl
1 utt.impactcdn.com flyawaybear.nl
1 s.yimg.jp www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 images.wondershare.com flyawaybear.nl
1 account.edrawsoft.com flyawaybear.nl
1 dc-static.wondershare.com flyawaybear.nl
88 41
Subject Issuer Validity Valid
flyawaybear.nl
GTS CA 1P5
2023-12-07 -
2024-03-06
3 months crt.sh
www.wondershare.com
DigiCert TLS RSA SHA256 2020 CA1
2023-08-18 -
2024-07-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-16 -
2023-12-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.edrawmax.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-05 -
2024-09-19
a year crt.sh
*.edrawsoft.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-05-15 -
2024-06-13
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.edrawmind.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-10-11 -
2024-10-10
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-09 -
2024-03-08
a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4
2023-11-30 -
2024-12-29
a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01
2023-10-24 -
2024-04-21
6 months crt.sh
*.dwin1.com
Amazon RSA 2048 M03
2023-10-18 -
2024-11-15
a year crt.sh
utt.impactcdn.com
GTS CA 1D4
2023-11-07 -
2024-02-05
3 months crt.sh
tag.rmp.rakuten.com
GTS CA 1D4
2023-12-02 -
2024-03-01
3 months crt.sh
trk.indoleads.com
R3
2023-11-15 -
2024-02-13
3 months crt.sh
ssl.pstatic.net
GeoTrust RSA CA 2018
2023-08-01 -
2024-08-01
a year crt.sh
*.partnerboost.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-04-04 -
2024-04-09
a year crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google.nl
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
logs-01.loggly.com
Starfield Secure Certificate Authority - G2
2023-03-25 -
2024-04-10
a year crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA
2023-02-13 -
2024-02-13
a year crt.sh
consent.linksynergy.com
GTS CA 1D4
2023-10-19 -
2024-01-17
3 months crt.sh
*.wondershare.com
GeoTrust RSA CA 2018
2023-06-12 -
2024-07-10
a year crt.sh
*.roeyecdn.com
Amazon RSA 2048 M01
2023-10-04 -
2024-10-30
a year crt.sh
wcs.naver.com
GeoTrust RSA CA 2018
2023-08-01 -
2024-08-14
a year crt.sh
*.roeye.com
Amazon RSA 2048 M03
2023-11-26 -
2024-12-24
a year crt.sh

This page contains 2 frames:

Primary Page: https://flyawaybear.nl/
Frame ID: 7C84D179914C83B00121A82ABF5B79D9
Requests: 87 HTTP requests in this frame

Frame: https://accounts.wondershare.com/web/login?lang=en-us&mode=1&oauth=1&product_id=14567&redirect_uri=https%3A%2F%2Faccounts.wondershare.com%2Fv3%2Fuser%2Foauth-client%2Fauthorize%3Fapp_key%3Df650feb789aff6a157585eafb1593c9b%26redirect_uri%3Dhttps%3A%2F%2Faccount.edrawsoft.com%2Fwsid%2Fcallback.html%26response_type%3Dcode%26scope%3Duser%26state%3D10000%26product_id%3D14567%26source%3D43%26lang%3Den-us%26mode%3D1%26verify%3Dno&site=account.edrawsoft.com&source=43&verify=yes
Frame ID: 54A73BCC2FB29D4D0027C207D8FB87A5
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Learning Geography: Top Tips to Study Geography | EdrawMind

Page URL History Show full URLs

  1. http://flyawaybear.nl/ HTTP 301
    https://flyawaybear.nl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • dwin1\.com

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com

Page Statistics

88
Requests

99 %
HTTPS

54 %
IPv6

32
Domains

41
Subdomains

36
IPs

9
Countries

3675 kB
Transfer

5922 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://flyawaybear.nl/ HTTP 301
    https://flyawaybear.nl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://accounts.wondershare.com/v3/user/oauth-client/authorize?app_key=f650feb789aff6a157585eafb1593c9b&redirect_uri=https://account.edrawsoft.com/wsid/callback.html&response_type=code&scope=user&state=10000&product_id=14567&source=43&lang=en-us&mode=1&verify=no HTTP 302
  • https://accounts.wondershare.com/web/login?lang=en-us&mode=1&oauth=1&product_id=14567&redirect_uri=https%3A%2F%2Faccounts.wondershare.com%2Fv3%2Fuser%2Foauth-client%2Fauthorize%3Fapp_key%3Df650feb789aff6a157585eafb1593c9b%26redirect_uri%3Dhttps%3A%2F%2Faccount.edrawsoft.com%2Fwsid%2Fcallback.html%26response_type%3Dcode%26scope%3Duser%26state%3D10000%26product_id%3D14567%26source%3D43%26lang%3Den-us%26mode%3D1%26verify%3Dno&site=account.edrawsoft.com&source=43&verify=yes
Request Chain 78
  • https://idsync.rlcdn.com/458359.gif?partner_uid=e95244b0-4814-42cd-98a0-bf022cf399ef HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJGU5NTI0NGIwLTQ4MTQtNDJjZC05OGEwLWJmMDIyY2YzOTllZhAAGg0I_O3IqwYSBQjoBxAAQgBKAA HTTP 307
  • https://tags.rd.linksynergy.com/cs?ns=lr&uid3=a2683f545f7454a59a743f4d3affdf95afe8d5b1da0c6fbe1f8ac78ea04ebfb86ac34734d8e453ee

88 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
flyawaybear.nl/
Redirect Chain
  • http://flyawaybear.nl/
  • https://flyawaybear.nl/
80 KB
19 KB
Document
General
Full URL
https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17c4e98c2a74f7b6db3984c90f4c52ff3c1b4a9a090c6255ded034ec70470719
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
831fcf3acd886575-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 21:19:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XrY6BeUJjzqga5xhLxeRk7kMd0KC7hxb2YMg3NAAMgA%2Fe5dbX1Tyt5AzqSl1k4%2FuA31cmWrQlhE%2BWZ2OXfd%2Bq%2Bxs72ua88n4DjwXVgYjYghPklqc3Jrl7jkZWymS7t8YW3cDLaxdpaeDnpkgw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
831fcf39fda7b93f-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 07 Dec 2023 21:19:53 GMT
Expires
Thu, 07 Dec 2023 22:19:53 GMT
Location
https://flyawaybear.nl/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOFtEdKjXnvtaQVp8x%2BU7cxp65Xv8EvFJr5sC2SDL57mhEpzKNYLnNL9QnjCBOHgxeVhqzO6athtRDKwc6i4abWuT2Ot6qnBlXqH0G1E6fKk1%2BwATSup52H9Ys0z%2FxNXT9S70mgeC2xSBwZwGA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
wsNotification.js
dc-static.wondershare.com/notification/
15 KB
5 KB
Script
General
Full URL
https://dc-static.wondershare.com/notification/wsNotification.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.110.90 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-110-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e5d190f15d68773bf9f3d14b55b85952011a188befdc2604d23947c4b686467b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 07 Dec 2023 21:19:54 GMT
content-length
4423
last-modified
Thu, 20 Jul 2023 09:04:47 GMT
etag
"64b8f8af-3b3e"
access-control-max-age
1728000
access-control-allow-methods
PUT, GET, POST, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
true
cache-control
max-age=7776000
accept-ranges
bytes
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Wed, 06 Mar 2024 21:19:54 GMT
sdk.js
connect.facebook.net/en_US/
297 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c87c73a9e6b74d38fcda8e254f762266
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b7e07e1326b37a5c190be975856825fd72001164e6e30f78163dff352668214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://flyawaybear.nl/
Origin
https://flyawaybear.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 21:19:54 GMT
content-md5
GAcZ66zjR4qDT7OEOTxC0A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86869
reporting-endpoints
x-fb-debug
3iYDJoI86dyeJO7NTIzmH4m3XUhA4QW7gIojjTRmq4an+7qYh7qEgCkKHjwVN44q3j6WOBoTMogD7z5yXZL0jg==
x-fb-content-md5
fe7a152e223ec6030b537082b3f9d6b8
cross-origin-opener-policy
same-origin-allow-popups
etag
"cfc8eacd977a5c7e34bc1ddd506a80a6"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 06 Dec 2024 21:19:54 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
580a8a7bdafe5025d31452b6ba5922d62e0851a215d548828c0c76fd0db1d7cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 21:19:54 GMT
content-md5
iMGL1963AOtiRqef7MEoZA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
/LkxhPMJyuIBxjB8UDKjXrBlCYCFIrhSfrRARZhzwcwXKgOZbPj0I3zi1o6iP5P27xXaBXqal7l6Qv8utWuf2Q==
x-fb-content-md5
8f47759916e554b057aa0bce1f0fcc8d
cross-origin-opener-policy
same-origin-allow-popups
etag
"f470b4f2dc3fa79731066d4689f0274f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 07 Dec 2023 21:24:24 GMT
gtm.js
www.googletagmanager.com/
382 KB
111 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T7HLC79
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad0540b519243453dbd4e542880cc30dc3fc55e275832c281e887c0c48bd73aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113595
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Dec 2023 21:19:55 GMT
bootstrap-edraw-mindmaster.min.css
neveragain.allstatics.com/2019/assets/style/
301 KB
38 KB
Stylesheet
General
Full URL
https://neveragain.allstatics.com/2019/assets/style/bootstrap-edraw-mindmaster.min.css
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
Tengine/unknown /
Resource Hash
67e6b3490e5d90a5fc8faaebd04bd401bc74930eb935dd9d51a2951977ea5751

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:54 GMT
content-encoding
gzip
last-modified
Tue, 04 Jul 2023 02:15:26 GMT
server
Tengine/unknown
etag
"64a380be-4b270"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
38887
expires
Mon, 05 Feb 2024 21:19:54 GMT
app.css
images.edrawmax.com/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://images.edrawmax.com/assets/css/app.css
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.189.181 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine/unknown /
Resource Hash
e37213042500cae209c76d0c81262ebbb2662775753afb29fa8b6d4f17172383

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 03:21:33 GMT
Server
Tengine/unknown
ETag
W/"607f9a3d-16a5"
Transfer-Encoding
chunked
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=5184000
Connection
keep-alive
Expires
Mon, 05 Feb 2024 21:19:54 GMT
edauth.js
account.edrawsoft.com/utils/
79 KB
28 KB
Script
General
Full URL
https://account.edrawsoft.com/utils/edauth.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
2c9916a847443a6ff0f4049d6168445539e8efa22fa0efa72acbf05dff0e5616

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2023 06:03:07 GMT
ETag
W/"6486b51b-13ac9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Fri, 08 Dec 2023 21:19:54 GMT
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,700%7CUbuntu:300,400,500,700
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
49faa26abc3b4f7607b6a3316634d472073f482b64eff068182a5a1d2eaeb882
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 21:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 21:19:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 21:19:54 GMT
css
fonts.googleapis.com/
12 KB
919 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CUbuntu:300,400,500,700
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
169ee5694844986b86b47f9e65281d49d2aba39e8aae511dba02fe5186b37280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 21:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 21:19:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 21:19:54 GMT
edraw-mindmaster-header.svg
neveragain.allstatics.com/2019/assets/icon/logo/
8 KB
3 KB
Image
General
Full URL
https://neveragain.allstatics.com/2019/assets/icon/logo/edraw-mindmaster-header.svg
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
Tengine/unknown /
Resource Hash
c65db6fd9432c5e52d9435936d1567d06e2501aea75d8c5bdc848b7afc7cfed2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:54 GMT
content-encoding
gzip
last-modified
Tue, 04 Jul 2023 02:15:26 GMT
server
Tengine/unknown
etag
"64a380be-1ffb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
3255
expires
Mon, 05 Feb 2024 21:19:54 GMT
learning-geography-01.png
www.edrawmind.com/images/article/how-to-study-geography/
48 KB
48 KB
Image
General
Full URL
https://www.edrawmind.com/images/article/how-to-study-geography/learning-geography-01.png
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
db8c0612843f099873a04879b79ef675fb7f23691c379dacabb0648c0f9dee12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:55 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 22 Jan 2022 14:56:17 GMT
ETag
"61ec1b11-be14"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48660
be-an-atlas-map-master.png
www.edrawmind.com/images/article/how-to-study-geography/
2 MB
2 MB
Image
General
Full URL
https://www.edrawmind.com/images/article/how-to-study-geography/be-an-atlas-map-master.png
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
89f483eb36ec3e92260b8877e1151482657cf5fc5b73f824fb370346b6a343b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:55 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 22 Jan 2022 14:56:17 GMT
ETag
"61ec1b11-23fa3e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2357822
learning-geography-02.png
www.edrawmind.com/images/article/how-to-study-geography/
10 KB
10 KB
Image
General
Full URL
https://www.edrawmind.com/images/article/how-to-study-geography/learning-geography-02.png
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
489dc1e12d6bf663dc2285a20ab190ba5f8d4b0c1fff9df7bcb6f6e9b487e7e6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:55 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 22 Jan 2022 14:56:17 GMT
ETag
"61ec1b11-28be"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10430
learning-geography-03.png
www.edrawmind.com/images/article/how-to-study-geography/
25 KB
26 KB
Image
General
Full URL
https://www.edrawmind.com/images/article/how-to-study-geography/learning-geography-03.png
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
7968bb5d12347d5e5a15b034abe5ceaa3c3aac06efa8f35e82e251229bea0e9f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:55 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 22 Jan 2022 14:56:17 GMT
ETag
"61ec1b11-6551"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25937
take-quizzes.jpg
www.edrawmind.com/images/article/how-to-study-geography/
224 KB
225 KB
Image
General
Full URL
https://www.edrawmind.com/images/article/how-to-study-geography/take-quizzes.jpg
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
45d709fb53d12f5ef020be9fd81d4d63ee1013d69127bc6b6acbe7cccafa5f1c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:55 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 22 Jan 2022 14:56:17 GMT
ETag
"61ec1b11-38122"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
229666
edraw-mindmaster-horizontal-white.svg
neveragain.allstatics.com/2019/assets/icon/logo/
9 KB
3 KB
Image
General
Full URL
https://neveragain.allstatics.com/2019/assets/icon/logo/edraw-mindmaster-horizontal-white.svg
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
Tengine/unknown /
Resource Hash
1ec5eaa42164396a3c95a92b4cdbbf97550202941bfec343548a5aba8d22f6f5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:54 GMT
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 11:35:46 GMT
server
Tengine/unknown
etag
"6502f012-2253"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
3376
expires
Mon, 05 Feb 2024 21:19:54 GMT
pay-apple.png
images.edrawmind.com/footer-img/
2 KB
2 KB
Image
General
Full URL
https://images.edrawmind.com/footer-img/pay-apple.png
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.189.182 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Tengine/unknown /
Resource Hash
7ccc2a96388a84a06ba0a572ab8f979c203d29894372c2d126fe3e7e30bd44b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:55 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 26 Jul 2022 02:29:12 GMT
Server
Tengine/unknown
ETag
"62df5178-7bc"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1980
Expires
Mon, 05 Feb 2024 21:19:55 GMT
pay-google.png
images.edrawmind.com/footer-img/
3 KB
3 KB
Image
General
Full URL
https://images.edrawmind.com/footer-img/pay-google.png
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.189.182 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Tengine/unknown /
Resource Hash
b56d96a93a03331a62e513c39c77b15fd4f554588d610b1b9de79d42fe276792

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:55 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 26 Jul 2022 02:29:15 GMT
Server
Tengine/unknown
ETag
"62df517b-c34"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3124
Expires
Mon, 05 Feb 2024 21:19:55 GMT
footer-pay.png
www.edrawsoft.com/image/products/frame/
4 KB
4 KB
Image
General
Full URL
https://www.edrawsoft.com/image/products/frame/footer-pay.png
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:ca72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Tengine/2.3.2 /
Resource Hash
e8a26468f1e324cd5f5b8df165f8ff2ad1751ce7ff9eadcdf3bef4d651667e82

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 27 Nov 2020 06:49:41 GMT
server
Tengine/2.3.2
etag
"5fc0a185-ff2"
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
content-length
4082
expires
Mon, 05 Feb 2024 21:19:55 GMT
wsc-vendor.js
neveragain.allstatics.com/2019/assets/vendor/
180 KB
56 KB
Script
General
Full URL
https://neveragain.allstatics.com/2019/assets/vendor/wsc-vendor.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
Tengine/unknown /
Resource Hash
355a86224a89790dbd7cb2c8478879f905097e5e1c48217f0bce6891eed87309

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:54 GMT
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 06:16:13 GMT
server
Tengine/unknown
etag
"6502a52d-2d0cc"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
57599
expires
Mon, 05 Feb 2024 21:19:54 GMT
wsc-override-yt.js
neveragain.allstatics.com/2019/assets/script/
1 KB
721 B
Script
General
Full URL
https://neveragain.allstatics.com/2019/assets/script/wsc-override-yt.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
Tengine/unknown /
Resource Hash
4a16ae3f3a6a306ef985501f6a4397dedd89a3adcba49d05e67f44f0266fae9c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:54 GMT
content-encoding
gzip
last-modified
Mon, 21 Aug 2023 03:17:25 GMT
server
Tengine/unknown
etag
"64e2d745-42a"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
524
expires
Mon, 05 Feb 2024 21:19:54 GMT
wsc-common.js
neveragain.allstatics.com/2019/assets/script/
25 KB
8 KB
Script
General
Full URL
https://neveragain.allstatics.com/2019/assets/script/wsc-common.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-24.deploy.static.akamaitechnologies.com
Software
Tengine/unknown /
Resource Hash
f6137d020e2b1047d56a0caabf7087216ba98fc0e53e323c45fc9d050f08d5e6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:54 GMT
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 06:16:13 GMT
server
Tengine/unknown
etag
"6502a52d-63bd"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
7708
expires
Mon, 05 Feb 2024 21:19:54 GMT
chunk-vendors.js
images.edrawsoft.com/assets/js/
80 KB
25 KB
Script
General
Full URL
https://images.edrawsoft.com/assets/js/chunk-vendors.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:5::17d8:4d4f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Tengine/unknown /
Resource Hash
243d25269c7cfc1868ec8a8a810b0cbc8664178f951b7d031d6e6bf76f4989f8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
gzip
last-modified
Tue, 22 Dec 2020 09:10:42 GMT
server
Tengine/unknown
etag
"5fe1b812-13f0e"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
24974
expires
Wed, 06 Mar 2024 21:19:55 GMT
app.js
images.edrawsoft.com/assets/js/
10 KB
4 KB
Script
General
Full URL
https://images.edrawsoft.com/assets/js/app.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:5::17d8:4d4f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Tengine/unknown /
Resource Hash
db5560e6ae2ced7cdcfbc4e7886c575cd262d72d66007274d8a94244b889fdd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
gzip
last-modified
Tue, 22 Dec 2020 09:10:42 GMT
server
Tengine/unknown
etag
"5fe1b812-2714"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
3751
expires
Wed, 06 Mar 2024 21:19:55 GMT
download-redirect.js
www.edrawsoft.com/js/
3 KB
1 KB
Script
General
Full URL
https://www.edrawsoft.com/js/download-redirect.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:ca72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Tengine/2.3.2 /
Resource Hash
c7a002a5e6a51e129c65e2b1ebd2f778238d4c9b566809b322111ac04c03271e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Oct 2023 02:22:41 GMT
server
Tengine/2.3.2
etag
"652363f1-db0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=5184000
accept-ranges
bytes
content-length
1133
expires
Mon, 05 Feb 2024 21:19:55 GMT
affiliate.js
images.wondershare.com/scripts/
53 KB
13 KB
Script
General
Full URL
https://images.wondershare.com/scripts/affiliate.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.110.90 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-110-90.deploy.static.akamaitechnologies.com
Software
Tengine/unknown /
Resource Hash
b0ee654e04aacc6dfa5a7bd9aec065c76d42ea678e5d05fb631bf111e71522ee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 01:48:29 GMT
server
Tengine/unknown
etag
"6508fded-d3f3"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
12915
expires
Wed, 06 Mar 2024 21:19:55 GMT
login-new.js
images.edrawsoft.com/assets/js/
7 KB
2 KB
Script
General
Full URL
https://images.edrawsoft.com/assets/js/login-new.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:5::17d8:4d4f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Tengine/unknown /
Resource Hash
6b088bda644550ec5dad5597dc1a2b6e0ea161993f3ca1faa7bdc7621d5d413c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 08:26:49 GMT
server
Tengine/unknown
etag
"62c7ea49-1b72"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
2182
expires
Wed, 06 Mar 2024 21:19:55 GMT
bottom-banner.js
images.edrawmind.com/assets/js/
103 B
507 B
Script
General
Full URL
https://images.edrawmind.com/assets/js/bottom-banner.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.189.182 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Tengine/unknown /
Resource Hash
cbb5fc34b9ca64bf858023978f985fa6cc8ee83cd4f06c58437a1697efce209f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:55 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 10 Sep 2021 07:51:19 GMT
Server
Tengine/unknown
ETag
"613b0e77-67"
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103
Expires
Mon, 05 Feb 2024 21:19:55 GMT
lazyload.js
images.edrawmax.com/assets/js/
2 KB
1 KB
Script
General
Full URL
https://images.edrawmax.com/assets/js/lazyload.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.39.189.181 , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine/unknown /
Resource Hash
938903c5d7e3484798225dba9ef3d3d07120b63e2e962c25ccbfa08f2aaa02d7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Oct 2021 07:45:30 GMT
Server
Tengine/unknown
ETag
W/"61653d1a-8d7"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=5184000
Connection
keep-alive
Expires
Mon, 05 Feb 2024 21:19:55 GMT
sdk.js
connect.facebook.net/en_US/
302 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=aacb3e416718e0563156ca1b0493806c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7f16e55ffb5ae25d94f61743862089390a298795bf62923cf70233b100b3860c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://flyawaybear.nl/
Origin
https://flyawaybear.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 21:19:54 GMT
content-md5
+Ja/lFGia3IRXMb/SNULtQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88321
reporting-endpoints
x-fb-debug
DiXabRpp9YX9YBm71Shr536DLRuK39m54Sl5jZmiREMF69DWpjYvyRJaXmhbovotWT6hhFqWVp6pOhGlrpI6vw==
x-fb-content-md5
b60ef90fd46190d6fb760238f53e94ba
cross-origin-opener-policy
same-origin-allow-popups
etag
"5c9592ade98aed8c41c50c0298e6fb83"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 06 Dec 2024 18:48:48 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700%7CUbuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyawaybear.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:07:20 GMT
x-content-type-options
nosniff
age
7955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 19:07:20 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700%7CUbuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyawaybear.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:02 GMT
x-content-type-options
nosniff
age
217613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 08:53:02 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CUbuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyawaybear.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 07:55:06 GMT
x-content-type-options
nosniff
age
221089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 07:55:06 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700%7CUbuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyawaybear.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 23:25:31 GMT
x-content-type-options
nosniff
age
251664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 23:25:31 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700%7CUbuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyawaybear.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:33:30 GMT
x-content-type-options
nosniff
age
467185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 11:33:30 GMT
4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/
38 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700%7CUbuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyawaybear.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:46:14 GMT
x-content-type-options
nosniff
age
261221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:04:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 20:46:14 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700%7CUbuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyawaybear.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:07:20 GMT
x-content-type-options
nosniff
age
7955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 19:07:20 GMT
4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700%7CUbuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyawaybear.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 06:25:20 GMT
x-content-type-options
nosniff
age
485675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30480
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 06:25:20 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700%7CUbuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flyawaybear.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 17:45:55 GMT
x-content-type-options
nosniff
age
531240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 17:45:55 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/741279201/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/741279201/?random=1701983995462&cv=11&fst=1701983995462&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811965369&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fflyawaybear.nl%2F&hn=www.googleadservices.com&frm=0&tiba=Learning%20Geography%3A%20Top%20Tips%20to%20Study%20Geography%20%7C%20EdrawMind&auid=509711231.1701983995&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7HLC79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
125101e1d63f0e5d928d1d94cd2345dae9a2fd0253371c1db06841bd44dd6b16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7HLC79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 19:22:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
7042
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 07 Dec 2023 21:22:33 GMT
8432.js
script.crazyegg.com/pages/scripts/0104/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0104/8432.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7HLC79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76d2475fe9cdb8f0db6b8d0233a75a5f8a62d9fee860d82b283b642744d67a4f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
gzip
cf-cache-status
HIT
age
9144
cf-polished
origSize=5984
ce-version
11.5.153
cf-bgj
minify
last-modified
Thu, 07 Dec 2023 18:47:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
831fcf449ab9660a-AMS
ytag.js
s.yimg.jp/images/listing/tool/cv/
27 KB
9 KB
Script
General
Full URL
https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7HLC79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.25.124 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
87813d0507d9e425d8a423153e598fbef4342d9a553edc4e0ad29cba6b380274

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 07 Dec 2023 21:14:57 GMT
content-encoding
gzip
last-modified
Mon, 20 Nov 2023 05:05:25 GMT
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
300
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-z-chihaya
r=1
x-ntap-sg-trace-id
55409ec25a5eff8c
cache-control
public, max-age=600
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
8975
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 07 Dec 2023 21:19:54 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F85BB157EFF446D9A2681B6C48EF4AA8 Ref B: BRU30EDGE0521 Ref C: 2023-12-07T21:19:55Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
uts_lp.php
www.linkconnector.com/
9 KB
3 KB
Script
General
Full URL
https://www.linkconnector.com/uts_lp.php?cgid=901518
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7HLC79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e730c873e82c0a77b4b189e192852282f11a25adb4bd44748abc700807902a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://flyawaybear.nl
p3p
CP="NOI DSP COR NID CUR OUR NOR"
cache-control
no-cache, must-revalidate
x-server
lcweb1
timing-allow-origin
*
cf-ray
831fcf452d726718-AMS
content-length
2697
tagtag.min.js
www.artfut.com/static/
3 KB
2 KB
Script
General
Full URL
https://www.artfut.com/static/tagtag.min.js?campaign_code=71cd9bc0ec
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7HLC79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a44429f4e11a62335ca76e2dd9790dd80b005565fe962305a490fa3354abfee8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2053
x-guploader-uploadid
ABPtcPr24GKwVg9PAkxHsc3ellVF-6eK_s3-VyeVpTTJN3vVXDoPMW_b9q1Asrw_pfPZ3vVtFfXppI7k
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Mon, 25 Sep 2023 13:46:17 GMT
server
cloudflare
etag
W/"4812f8fd83d5cf6651f0b28f549ae045"
vary
Accept-Encoding
x-goog-generation
1695649577073691
content-type
application/javascript
x-goog-hash
crc32c=rtpocA==, md5=SBL4/YPVz2ZR8LKPVJrgRQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdJldrbh44aoKKvuBcwubPpAZ3D0JEeISX5KOUBs%2Fh41rV35x2izWRGTyd0rlRruAsbfQCCj9yRCe4KBBBM4cV4YIf6fo1OsQlJG1f6joT3dtu%2BDseH82VS%2BFoz28%2FdyqZ5MEPVcr%2BRV8jcV"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3293
cf-ray
831fcf452d53b8fa-AMS
expires
Thu, 07 Dec 2023 21:45:42 GMT
19038.js
www.dwin1.com/
41 KB
11 KB
Script
General
Full URL
https://www.dwin1.com/19038.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7HLC79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b04d72546f3d807901ac18982112fcf6c50c115095f76755040cd6be758599a7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
zR32WRrkE_nbij0xnr90P7uyNi3RXSM2
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
date
Thu, 07 Dec 2023 21:16:57 GMT
x-amz-cf-pop
FRA53-C1
age
183
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 May 2023 10:09:50 GMT
server
AmazonS3
etag
W/"9575e6eeef2b4a42e72a0401cbc03c24"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
d952ErZIrBrOKSUjn26rQnB3sc2bVsy199fLR6cP2YBA9f5-FVM2yA==
A3249244-0e36-42f8-aac7-447bef0e6e601.js
utt.impactcdn.com/
45 KB
14 KB
Script
General
Full URL
https://utt.impactcdn.com/A3249244-0e36-42f8-aac7-447bef0e6e601.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.249.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
644cb9fc7ebb6afd69210c59fe5d6ac5bd9c20136f9b1a1edf11bf0d440451ac

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:15:56 GMT
content-encoding
gzip
age
239
x-guploader-uploadid
ABPtcPqjGDjMDzDoFaciBaaDXR5WEMlwolaVfagz-tCBAYqEDTaOBOY-NTHvms-XKLfYcJmpxTUdxfv3vrsN36HPTmVT_A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14124
last-modified
Thu, 28 Sep 2023 01:52:24 GMT
server
UploadServer
etag
"aa9eab2b8bf8c34ea8f99be7dcef5e78"
vary
Accept-Encoding
x-goog-generation
1695865944866994
x-goog-hash
crc32c=vmwmYA==, md5=qp6rK4v4w06o+Zvn3O9eeA==
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
cache-control
public,max-age=900,s-maxage=300
x-goog-stored-content-length
14124
accept-ranges
bytes
expires
Thu, 07 Dec 2023 21:20:56 GMT
120272.ct.js
tag.rmp.rakuten.com/
41 KB
14 KB
Script
General
Full URL
https://tag.rmp.rakuten.com/120272.ct.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
8f9ea3a29b091328c01087d3abe61edaa6b291f3bf7ad46240e19c7813dbe863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
last-modified
Thu, 07 Dec 2023 21:19:55 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
handle.js
trk.indoleads.com/js/platform/
3 KB
4 KB
Script
General
Full URL
https://trk.indoleads.com/js/platform/handle.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7HLC79
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.96.70 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
dd63b49b3b69de50157de0707a990cd7697c87242e19b58b8763739ea57d225c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:56 GMT
Last-Modified
Thursday, 07-Dec-2023 21:19:56 GMT
Server
nginx/1.10.3 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3407
20200.js
www.dwin1.com/
42 KB
12 KB
Script
General
Full URL
https://www.dwin1.com/20200.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7HLC79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
762c3b19f748ce57702c15cab0f9f3e48e5beb3c1ed90ba639acafdf45ff29f2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
wyvN_K1Zzo5x6cOvxOl5C58FUnPEEzR8
content-encoding
gzip
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
date
Thu, 07 Dec 2023 21:15:36 GMT
x-amz-cf-pop
FRA53-C1
age
260
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 06 Dec 2023 13:49:23 GMT
server
AmazonS3
etag
W/"286dbe22f6e15fd865e1a2dc027049d4"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
QH-H7JAQpvBzd1pu6aERurK-ccSwJN86YsbyP63d36e2ptU6tEg_vQ==
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Dec 2023 21:19:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
xiy4Cesopt1jL7R9Tx0VpJuvGWEhxUATFNFlP+ExFVB4yVJacsLv1Sp+m+ZQq4YGgI/HJvnKuGBCmBwOLMDigQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
wcslog.js
wcs.naver.net/
23 KB
8 KB
Script
General
Full URL
https://wcs.naver.net/wcslog.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7HLC79
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.56.200.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-200-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
95c2920b3543da452acc134c21064a8e14b5835da67b392ad4ea9b7ebb062ce2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:19:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Dec 2023 07:05:35 GMT
Server
nginx
ETag
"656d7a3f-5b04"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3528
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7640
Expires
Thu, 07 Dec 2023 22:18:44 GMT
372309768428477
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/372309768428477?v=2.9.138&r=stable&domain=flyawaybear.nl
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2b867fa06a254ac14be24d79ee233c63737d65ed0ff082e447879ed34786f8d9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Dec 2023 21:19:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
L7SrRlt8kap9CxeIKyOyicDUMKnmiq27FGesuQgOhxMjBCvin/gty+XPsYc+Hv6RnTfo5qMiJeG7p7ZxQLIukQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
track.2.0.min.js
app.partnerboost.com/brand/
41 KB
15 KB
Script
General
Full URL
https://app.partnerboost.com/brand/track.2.0.min.js?bid=85021
Requested by
Host: images.wondershare.com
URL: https://images.wondershare.com/scripts/affiliate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.241.30 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
47679b32af4e5845f9231c8dce5c94f8334d026a5511553ab8a1a9b954b3b970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Dec 2023 07:56:51 GMT
server
nginx
etag
W/"65702943-a3bb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-ua-compatible
IE=Edge,chrome=1
trk
flyawaybear.nl/
0
484 B
XHR
General
Full URL
https://flyawaybear.nl/trk
Requested by
Host: images.wondershare.com
URL: https://images.wondershare.com/scripts/affiliate.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flyawaybear.nl/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUuUgiqAj6PmXpJ%2FYqIqGwWbUCL60Ifiq200WWiA%2F55Lg6EhlxfzTpyZCIQfehaZXJD0G1fq6H1dGGtN%2Fg1bQQ5kLi40i4v%2F4OUSUSAGH8HPqKKrOvqnp69Z8O4SR9%2BeJXawVVuS6ZhfIjTWyA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
831fcf44884806ce-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/
4 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=603739982&t=pageview&ds=web_GTM-T7HLC79_297&_s=1&dl=https%3A%2F%2Fflyawaybear.nl%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Learning%20Geography%3A%20Top%20Tips%20to%20Study%20Geography%20%7C%20EdrawMind&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAFK~&jid=467588675&gjid=617330746&cid=318696807.1701983996&tid=UA-712362-6&_gid=401873678.1701983996&_r=1&_slc=1&gtm=45He3bt0n81T7HLC79v811965369&cg4=flyawaybear.nl&cd2=318696807.1701983996&cd12=flyawaybear.nl&cd16=https%3A%2F%2Fflyawaybear.nl%2F&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1248265972
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://flyawaybear.nl/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 21:19:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flyawaybear.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
69 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=603739982&t=pageview&ds=web_GTM-T7HLC79_297&_s=1&dl=https%3A%2F%2Fflyawaybear.nl%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Learning%20Geography%3A%20Top%20Tips%20to%20Study%20Geography%20%7C%20EdrawMind&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAFK~&jid=467588675&gjid=617330746&cid=318696807.1701983996&tid=UA-4839360-64&_gid=401873678.1701983996&_r=1&_slc=1&gtm=45He3bt0n81T7HLC79v811965369&cg4=flyawaybear.nl&cd2=318696807.1701983996&cd12=flyawaybear.nl&cd16=https%3A%2F%2Fflyawaybear.nl%2F&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1248265972
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://flyawaybear.nl/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 21:19:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flyawaybear.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/741279201/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/741279201/?random=1701983995462&cv=11&fst=1701982800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811965369&u_w=1600&u_h=1200&url=https%3A%2F%2Fflyawaybear.nl%2F&frm=0&tiba=Learning%20Geography%3A%20Top%20Tips%20to%20Study%20Geography%20%7C%20EdrawMind&fmt=3&is_vtc=1&cid=CAQSGwDICaaNlYH9n0Jpk0ysL6z2nhFAiuqTdW3kjw&random=555857464&rmt_tld=0&ipr=y
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 21:19:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/741279201/
42 B
455 B
Image
General
Full URL
https://www.google.nl/pagead/1p-user-list/741279201/?random=1701983995462&cv=11&fst=1701982800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811965369&u_w=1600&u_h=1200&url=https%3A%2F%2Fflyawaybear.nl%2F&frm=0&tiba=Learning%20Geography%3A%20Top%20Tips%20to%20Study%20Geography%20%7C%20EdrawMind&fmt=3&is_vtc=1&cid=CAQSGwDICaaNlYH9n0Jpk0ysL6z2nhFAiuqTdW3kjw&random=555857464&rmt_tld=1&ipr=y
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 21:19:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
flyawaybear.nl.json
script.crazyegg.com/pages/data-scripts/0104/8432/site/
94 KB
7 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0104/8432/site/flyawaybear.nl.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0104/8432.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3ef81b431fb3bebf53d64a826d7322916d68039c87906a7e2fa82d8b28c84c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 21:19:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.153
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
831fcf4528261cb1-AMS
content-length
7143
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-712362-6&cid=318696807.1701983996&jid=467588675&gjid=617330746&_gid=401873678.1701983996&_u=YGBACEAABAAAACAFK~&z=1984055186
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://flyawaybear.nl/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 07 Dec 2023 21:19:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flyawaybear.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-712362-6&cid=318696807.1701983996&jid=467588675&gjid=617330746&_gid=401873678.1701983996&_u=YGBACEAABAAAACAFK~&z=1984055186
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://flyawaybear.nl/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 07 Dec 2023 21:19:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flyawaybear.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=372309768428477&ev=PageView&dl=https%3A%2F%2Fflyawaybear.nl%2F&rl=&if=false&ts=1701983995707&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701983995706.828343522&ler=empty&it=1701983995591&coo=false&rqm=GET
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 07 Dec 2023 21:19:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
1*1.gif
logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/
0
0
Image
General
Full URL
https://logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/1*1.gif?ver=U12&acid=A3249244-0e36-42f8-aac7-447bef0e6e601&type=UTT&msg=No%20campaign%20for%20landing%20page%3A%20https%3A%2F%2Fflyawaybear.nl%2F&event=identify()%20exit&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.80.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-80-3.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

26057682.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/26057682.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 07 Dec 2023 21:19:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 88179040618349C78304358CF2F9EBE0 Ref B: BRU30EDGE0521 Ref C: 2023-12-07T21:19:55Z
x-cache
CONFIG_NOCACHE
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-712362-6&cid=318696807.1701983996&jid=467588675&_u=YGBACEAABAAAACAFK~&z=937497034
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 21:19:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-712362-6&cid=318696807.1701983996&jid=467588675&_u=YGBACEAABAAAACAFK~&z=937497034
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 21:19:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jsp
ut.rd.linksynergy.com/
148 B
404 B
Script
General
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/120272.ct.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
6d0a2a9c18a375b7977a11cc9f9603a308cc09af1cd4c471d6e0b9896cd1705f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/plain; charset=utf-8
date
Thu, 07 Dec 2023 21:19:56 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-samesite
secure
p
consent.linksynergy.com/consent/v3/
37 B
281 B
Image
General
Full URL
https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=flyawaybear.nl&sought=false&tp=gdpr&attr_sid=120272&aff_mid=37160&purposes=&vendors=&ext_id=62edc963-a27c-430f-a760-6a40409267f3
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 07 Dec 2023 21:19:56 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-samesite
secure
login
accounts.wondershare.com/web/ Frame 54A7
Redirect Chain
  • https://accounts.wondershare.com/v3/user/oauth-client/authorize?app_key=f650feb789aff6a157585eafb1593c9b&redirect_uri=https://account.edrawsoft.com/wsid/callback.html&response_type=code&scope=user&...
  • https://accounts.wondershare.com/web/login?lang=en-us&mode=1&oauth=1&product_id=14567&redirect_uri=https%3A%2F%2Faccounts.wondershare.com%2Fv3%2Fuser%2Foauth-client%2Fauthorize%3Fapp_key%3Df650feb7...
0
0
Document
General
Full URL
https://accounts.wondershare.com/web/login?lang=en-us&mode=1&oauth=1&product_id=14567&redirect_uri=https%3A%2F%2Faccounts.wondershare.com%2Fv3%2Fuser%2Foauth-client%2Fauthorize%3Fapp_key%3Df650feb789aff6a157585eafb1593c9b%26redirect_uri%3Dhttps%3A%2F%2Faccount.edrawsoft.com%2Fwsid%2Fcallback.html%26response_type%3Dcode%26scope%3Duser%26state%3D10000%26product_id%3D14567%26source%3D43%26lang%3Den-us%26mode%3D1%26verify%3Dno&site=account.edrawsoft.com&source=43&verify=yes
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.91.89.51 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.hipdf.com https://*.hipdf.cn https://*.mindmaster.io https://*.edrawsoft.com https://*.iskysoft.com https://*.iskysoft.us https://*.wondershare.com https://*.wondershare.jp https://*.wondershare.cc https://*.wondershare.cn https://*.wondershare.co.jp https://*.wondershare.com.ru https://*.wondershare.fr https://*.wondershare.jp https://*.wondershare.tw https://*.wondershare.com.br https://*.wondershare.de https://*.wondershare.hk https://*.wondershare.kr https://*.wondershare.ae https://*.wondershare.co.id https://*.wondershare.es https://*.wondershare.it https://*.wondershare.net https://*.media.io https://*.edrawmax.com https://*.filmora.io https://*.edrawmind.com https://*.inclowdz.com/ https://inclowdz.com/ https://teams.microsoft.com https://*.facengine.ai https://*.virtulook.ai https://*.virbo.ai https://*.kwicut.ai;
X-Frame-Options ALLOW-FROM

Request headers

Referer
https://flyawaybear.nl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-cache
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://*.hipdf.com https://*.hipdf.cn https://*.mindmaster.io https://*.edrawsoft.com https://*.iskysoft.com https://*.iskysoft.us https://*.wondershare.com https://*.wondershare.jp https://*.wondershare.cc https://*.wondershare.cn https://*.wondershare.co.jp https://*.wondershare.com.ru https://*.wondershare.fr https://*.wondershare.jp https://*.wondershare.tw https://*.wondershare.com.br https://*.wondershare.de https://*.wondershare.hk https://*.wondershare.kr https://*.wondershare.ae https://*.wondershare.co.id https://*.wondershare.es https://*.wondershare.it https://*.wondershare.net https://*.media.io https://*.edrawmax.com https://*.filmora.io https://*.edrawmind.com https://*.inclowdz.com/ https://inclowdz.com/ https://teams.microsoft.com https://*.facengine.ai https://*.virtulook.ai https://*.virbo.ai https://*.kwicut.ai;
content-type
text/html
date
Thu, 07 Dec 2023 21:19:56 GMT
expires
Thu, 07 Dec 2023 21:19:55 GMT
server
envoy
vary
Origin
x-envoy-upstream-service-time
1
x-frame-options
ALLOW-FROM

Redirect headers

access-control-allow-credentials
true
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-cache,no-cache
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 21:19:56 GMT
expires
Thu, 07 Dec 2023 21:19:55 GMT
location
https://accounts.wondershare.com/web/login?lang=en-us&mode=1&oauth=1&product_id=14567&redirect_uri=https%3A%2F%2Faccounts.wondershare.com%2Fv3%2Fuser%2Foauth-client%2Fauthorize%3Fapp_key%3Df650feb789aff6a157585eafb1593c9b%26redirect_uri%3Dhttps%3A%2F%2Faccount.edrawsoft.com%2Fwsid%2Fcallback.html%26response_type%3Dcode%26scope%3Duser%26state%3D10000%26product_id%3D14567%26source%3D43%26lang%3Den-us%26mode%3D1%26verify%3Dno&site=account.edrawsoft.com&source=43&verify=yes
pragma
no-cache
server
envoy
vary
Origin
x-envoy-upstream-service-time
14
js
www.googletagmanager.com/gtag/
272 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-24WTSJBD5B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7HLC79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e57949792a11a3b3d37452f3db20b63eaa74e9dd9930842c466c1ded651644b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91941
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 21:19:55 GMT
0
bat.bing.com/action/
0
286 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=26057682&Ver=2&mid=7fefc507-43b4-4582-8df3-b56eb16bdca1&sid=5e6ff840954611ee9ac785eb357ff8b6&vid=5e700e40954611eebdc195c00fe8a4b6&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Learning%20Geography%3A%20Top%20Tips%20to%20Study%20Geography%20%7C%20EdrawMind&p=https%3A%2F%2Fflyawaybear.nl%2F&r=&lt=2068&evt=pageLoad&sv=1&rn=10759
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 21:19:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9B99996B28FA42A0A6EC272A045DF13A Ref B: BRU30EDGE0521 Ref C: 2023-12-07T21:19:55Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
219d370add706cffcc1a4f80ada0a455.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/
137 KB
46 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/commontransformations-scripts/219d370add706cffcc1a4f80ada0a455.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0104/8432.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3070a466b840b215ed8bd56484b78317b2e1316caed633bc139af0b8d9170aa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 01 Dec 2023 10:29:27 GMT
server
cloudflare
age
526887
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
831fcf46eda0660a-AMS
content-length
46671
flyawaybear.nl.json
script.crazyegg.com/pages/data-scripts/0104/8432/sampling/
3 KB
596 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0104/8432/sampling/flyawaybear.nl.json?t=472773
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/219d370add706cffcc1a4f80ada0a455.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
865b12f01e634d3b7cb61451e33e5d46b77389e6d61f0bee5a2207017727c364

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:56 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 21:19:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.153
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
831fcf474b4f1cb1-AMS
content-length
486
collect
region1.analytics.google.com/g/
0
254 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-24WTSJBD5B&gtm=45je3bt0v868368117z8811965369&_p=1701983994214&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=318696807.1701983996&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1701983996&sct=1&seg=0&dl=https%3A%2F%2Fflyawaybear.nl%2F&dt=Learning%20Geography%3A%20Top%20Tips%20to%20Study%20Geography%20%7C%20EdrawMind&en=page_view&_fv=2&_ss=1&ep.page=flyawaybear.nl%2F&ep.data_source=web_GTM-T7HLC79_297&ep.sourceSite=flyawaybear.nl&ep.page_full_url=https%3A%2F%2Fflyawaybear.nl%2F&ep.hostname=flyawaybear.nl&ep.domain=flyawaybear.nl&ep.page_language=Dutch&ep.page_product=(not%20set)&ep.page_path_level_2=&ep.hit_timestamp_user_local=2023-12-07_22%3A19%3A55&ep.hit_timestamp_cn=2023-12-08_05%3A19%3A55&ep.gtm_id=GTM-T7HLC79&ep.gtm_version=297&up.user_id_55=not_logged_in&up.client_id=318696807.1701983996.&tfd=2201
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24WTSJBD5B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 21:19:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flyawaybear.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-24WTSJBD5B&cid=318696807.1701983996&gtm=45je3bt0v868368117z8811965369&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-24WTSJBD5B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 21:19:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flyawaybear.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-24WTSJBD5B&cid=318696807.1701983996&gtm=45je3bt0v868368117z8811965369&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=681670094
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 21:19:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
tags.rd.linksynergy.com/
Redirect Chain
  • https://idsync.rlcdn.com/458359.gif?partner_uid=e95244b0-4814-42cd-98a0-bf022cf399ef
  • https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJGU5NTI0NGIwLTQ4MTQtNDJjZC05OGEwLWJmMDIyY2YzOTllZhAAGg0I_O3IqwYSBQjoBxAAQgBKAA
  • https://tags.rd.linksynergy.com/cs?ns=lr&uid3=a2683f545f7454a59a743f4d3affdf95afe8d5b1da0c6fbe1f8ac78ea04ebfb86ac34734d8e453ee
37 B
292 B
Image
General
Full URL
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=a2683f545f7454a59a743f4d3affdf95afe8d5b1da0c6fbe1f8ac78ea04ebfb86ac34734d8e453ee
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 07 Dec 2023 21:19:56 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-samesite
secure

Redirect headers

date
Thu, 07 Dec 2023 21:19:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=a2683f545f7454a59a743f4d3affdf95afe8d5b1da0c6fbe1f8ac78ea04ebfb86ac34734d8e453ee
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
uts_clickcounts.php
www.linkconnector.com/
0
0
Script
General
Full URL
https://www.linkconnector.com/uts_clickcounts.php?cgid=901518&mid=48130&MerchantURL=https%3A%2F%2Fflyawaybear.nl%2F&cid=&Mode=js&AffiliateReferer=&uts_lcid_arr=[]&uts_mlcid=LC1701983997.404
Requested by
Host: www.linkconnector.com
URL: https://www.linkconnector.com/uts_lp.php?cgid=901518
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

tu.php
www.linkconnector.com/
49 B
341 B
Image
General
Full URL
https://www.linkconnector.com/tu.php?pid=48130&nv=_gcl_au%3D1.1.509711231.1701983995%2C%20_gid%3DGA1.2.401873678.1701983996%2C%20_gat_UA-712362-6%3D1%2C%20_fbp%3Dfb.1.1701983995706.828343522%2C%20_uetsid%3D5e6ff840954611ee9ac785eb357ff8b6%2C%20_uetvid%3D5e700e40954611eebdc195c00fe8a4b6%2C%20_ga_24WTSJBD5B%3DGS1.1.1701983996.1.0.1701983996.60.0.0%2C%20_ga%3DGA1.1.318696807.1701983996%2C%20_ce.irv%3Dnew%2C%20cebs%3D1%2C%20_ce.s%3Dv~852e8076bd0a32655482ee601bc870527211d99a~lcw~1701983996206~lva~1701983996206~vpv~0~lcw~1701983996207%2C%20_yjsu_yjad%3D1701983997.eb31da36-e9b5-447a-be81-5a117d7db041
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
CP="NOI DSP COR NID CUR OUR NOR", policyref="http://www.linkconnector.com/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control
no-cache
x-server
lcweb1
cf-ray
831fcf51ba906718-AMS
content-length
49
expires
Thu, 07 Dec 2023 21:19:56 GMT
uts_uid.php
www.linkconnector.com/js/
49 B
255 B
Image
General
Full URL
https://www.linkconnector.com/js/uts_uid.php?cgid=901518&uts_protocol=
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NOI DSP COR NID CUR OUR NOR"
content-type
image/gif
x-server
lcweb1
cf-ray
831fcf51ba926718-AMS
content-length
49
tracking.min.js
www.artfut.com/static/
20 KB
6 KB
Script
General
Full URL
https://www.artfut.com/static/tracking.min.js?campaign_code=71cd9bc0ec
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=71cd9bc0ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4133afc350d176f80eaa227f903be91646e1e2dec276f60eb8a15f9a1df96df8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:57 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2720
x-guploader-uploadid
ABPtcPpD1NIniW89WLI4nkq8TGi7y8UtdRWN9BvwGDPeRKWPeij9gLzrUhFEroZe9x3x8Gu1vBTacvXUGtZ_GPH4HsbqIEZ5KbZt
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Mon, 25 Sep 2023 13:46:17 GMT
server
cloudflare
etag
W/"92a2edabf4ea8232350a0568d3d7e796"
vary
Accept-Encoding
x-goog-generation
1695649577156587
content-type
application/javascript
x-goog-hash
crc32c=Y0ABmg==, md5=kqLtq/TqgjI1CgVo09fnlg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxJuFSOxX4b9j3Uzg6GK7sJCq7x4wjCnwbuB1c7IP6GFaXqssUcfC0g0ZYqF4SIlvNWE3KzIAdZwjsmEZmpYMi%2B7rNZL062IiLoQYciiLUfFbA99HNWjPuwkxiyhF%2FkdVNb2Ux0YQZbzp%2BCH"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
20009
cf-ray
831fcf51bdbcb8fa-AMS
expires
Thu, 07 Dec 2023 21:34:37 GMT
crossdevice.min.js
www.artfut.com/static/
26 KB
8 KB
Script
General
Full URL
https://www.artfut.com/static/crossdevice.min.js?campaign_code=71cd9bc0ec
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=71cd9bc0ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a0a6f95a4690cc601af37294f20d98cedade16943ba48fe46d3e0c23319cfe2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:57 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPrf6hKVQLB4RWSTbvDTAKTBHyycpxJpgIR0kOkG-VK9Ct1aW3kPNuFiESfyV2ykLDl-ZPE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Mon, 25 Sep 2023 13:46:12 GMT
server
cloudflare
etag
W/"0a118869c6d6400c0817b2e5dc07ec58"
vary
Accept-Encoding
x-goog-generation
1695649572769609
content-type
application/javascript
x-goog-hash
crc32c=4qSaRw==, md5=ChGIacbWQAwIF7Ll3AfsWA==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXrJyTSoTBdwxBht%2BwtPia6eVQU6C74SRvN1OQuuxQ9MrPslEbDBJo%2FFNbui6F7TlB1XoFWTbnIkyFKnxS4UAT92TjkR4VrMgx0lvNnO%2FrznPKlPQj%2BVOiaWwx%2B3upFiNBPKHZt4l6FxBRua"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
26443
cf-ray
831fcf51bdbeb8fa-AMS
expires
Thu, 07 Dec 2023 22:19:57 GMT
lantern_global_20200.min.js
lantern.roeyecdn.com/
2 KB
2 KB
Script
General
Full URL
https://lantern.roeyecdn.com/lantern_global_20200.min.js
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/20200.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6200:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3be293bf9123827a61a2d0c23c55407d16be4d1a98a357023429f65ba294608

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 00:10:52 GMT
x-amz-version-id
fJYUF6m2XZ2IXt2687Humlk3u4PwmxEr
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Wed, 04 Oct 2023 13:29:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
76146
etag
"21687d781510e8548771fc69eb39b2c7"
x-cache
Hit from cloudfront
content-type
application/octet-stream
content-length
1821
x-amz-cf-id
WpPOJAP_YHeuwn2gcLp0q5Rpb5i4YlaTZMFdQb7bR70cw9b0XSst5w==
b
wcs.naver.com/
0
631 B
Ping
General
Full URL
https://wcs.naver.com/b
Requested by
Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
110.93.147.30 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
wcs /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://flyawaybear.nl/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 21:19:58 GMT
x-content-type-options
nosniff
server
wcs
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
p3p
CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin
https://flyawaybear.nl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Tue, 01 Jan 1980 09:00:00 GMT
track.php
lantern.roeye.com/
0
128 B
Image
General
Full URL
https://lantern.roeye.com/track.php?fingerprint=&referrer=&landingpage=https%3A%2F%2Fflyawaybear.nl%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&site=20200
Requested by
Host: flyawaybear.nl
URL: https://flyawaybear.nl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.247.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-247-29.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://flyawaybear.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:19:57 GMT
server
nginx
content-length
0
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| FB object| dataLayer object| wsNotification object| __buffer object| $edAuth function| fbAsyncInit object| wsc_webpackJsonp object| wscConf function| jQuery function| $ object| WebFont object| wsc function| WscHeaderFooter2020 boolean| wsc_header_footer_2020_init_done object| webpackJsonp object| core function| setImmediate function| clearImmediate function| swal function| sweetAlert function| ClipboardJS object| supportFunc object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| GooglebQhCsO string| GoogleAnalyticsObject function| ga object| uetq object| t string| ire_o function| ire object| DataLayer string| INDOLEADS_CLICK_PARAM number| INDOLEADS_COOKIES_LIFETIME function| fbq function| _fbq boolean| done function| fn number| timer function| checked string| trace_channel object| gtmReportObj object| hrefParams string| scene object| custom string| customStr string| shopping_id boolean| isBuyPage function| setCookie function| getPureUrl function| create_shopping_id function| isBuyPageFunc function| getParameter function| getParamByName function| getCookie function| serviceCookie function| transferParamsObj2Str function| isNonEmptyValue function| getGACookie function| uuid function| buildParamsObj2String function| sendGTMRequest function| isAccountUrl function| isCartUrl undefined| myString undefined| r undefined| rank undefined| kw undefined| engine undefined| keyWord undefined| pn string| logWrapperId string| loggedWrapperId string| signInEleId string| signUpEleId string| logoutEleId string| accountEleId string| nicknameEleId string| avatarEleId string| authContainerId string| authWrapper boolean| edLoginBuyFlag string| toHref function| bindAll function| showSignIn function| showSignUp function| logout function| bind function| updateUI function| checkAuth object| gaplugins object| gaGlobal object| gaData function| C55 object| config55 function| _UA-712362-6_originalSendTask boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| ImpactRadiusEvent object| irEvent function| UET function| UET_init function| UET_push object| ueto_b9b590daec object| ___RMCMPW function| ___rmuid function| isIE function| lazyLoad1 function| throttle string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store object| CE_API object| cti120272 object| PBT_0x26ec function| PBT_0x317a object| PB object| yjDataLayer object| ytagapi function| ytag string| uts_ip string| uts_refr string| uts_protocol string| uts_now string| uts_dnt string| uts_lc_cookievalue string| uts_lc_uts_id string| uts_lcid string| uts_calling_domain string| lc_mref string| lc_val number| uoffset function| ScriptFunction function| ImgFunction function| uts_readCookie function| uts_setCookie function| uts_getHostName function| uts_getDomain function| uts_getQueryStringValue function| uts_unscramble function| uts_getLSCookie function| uts_setLSCookie undefined| d string| ic_infinity_cookievalue string| ic_real_cookievalue string| lc_aid boolean| uts_cj_guy boolean| uts_ss_guy boolean| set_nlt_cookie string| uts_location string| uts_trafficname string| uts_method number| uts_duration string| uts_customerid string| uts_cgid string| uts_nlt_campaignid string| nlt_name string| uid_customerid object| uid_ca string| uid_url string| uts_uid_curl object| uString object| uCookieVal string| uts_uri string| uts_domain string| uts_cookieval object| regex undefined| new_promo string| lc_aref boolean| uts_wcookie object| exdate string| c_lctid string| ulctid boolean| uts_samedomain string| vuts_id string| uts_id_loc number| dateTime object| uts_lcid_arr undefined| uts_nlcid string| uts_mlcid undefined| uts_curl undefined| cj_val undefined| ss_val string| fl_val string| uts_cc_curl object| ADMITAD object| AWIN function| getErrorMessage function| sendDebugEvent object| shrslImgs function| AwinCustomEvent function| parseUTM function| setIndoleadsClickIDCookie function| isUUID object| wcs string| wcs_SerName object| wcs_add function| wcs_do function| wcs_test object| _nasa string| index object| lanternTracker object| lantern

26 Cookies

Domain/Path Name / Value
.flyawaybear.nl/ Name: _gcl_au
Value: 1.1.509711231.1701983995
.flyawaybear.nl/ Name: _gid
Value: GA1.2.401873678.1701983996
.flyawaybear.nl/ Name: _gat_UA-712362-6
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.flyawaybear.nl/ Name: _fbp
Value: fb.1.1701983995706.828343522
.linkconnector.com/ Name: uts_901518_lpcheck
Value: 1
.flyawaybear.nl/ Name: _uetsid
Value: 5e6ff840954611ee9ac785eb357ff8b6
.flyawaybear.nl/ Name: _uetvid
Value: 5e700e40954611eebdc195c00fe8a4b6
.bing.com/ Name: MUID
Value: 08EB2EC876F0602500E33D28779C6160
.flyawaybear.nl/ Name: _ga_24WTSJBD5B
Value: GS1.1.1701983996.1.0.1701983996.60.0.0
.flyawaybear.nl/ Name: _ga
Value: GA1.1.318696807.1701983996
.wondershare.com/ Name: sign_identity
Value: 68a79d00-f876-4360-8502-01e8cb9691d7
.linksynergy.com/ Name: rmuid
Value: 12eaa68b-1056-4f85-8ec8-a07e3f589c68
.flyawaybear.nl/ Name: _ce.irv
Value: new
.flyawaybear.nl/ Name: cebs
Value: 1
.flyawaybear.nl/ Name: _ce.s
Value: v~852e8076bd0a32655482ee601bc870527211d99a~lcw~1701983996206~lva~1701983996206~vpv~0~lcw~1701983996207
.rlcdn.com/ Name: rlas3
Value: Ng6GimoqAA4NIzBndx7GhZSU44SIs0Z6+cdeWyAtc/o=
.rlcdn.com/ Name: pxrc
Value: CPztyKsGEgUI6AcQABIGCOTrARAA
.linksynergy.com/ Name: icts
Value: 2023-12-07T21:19:56Z
.flyawaybear.nl/ Name: _yjsu_yjad
Value: 1701983997.eb31da36-e9b5-447a-be81-5a117d7db041
.flyawaybear.nl/ Name: uts_id
Value: uts1701983997.618
.flyawaybear.nl/ Name: LCUTS_UID_901518
Value: 901518
.flyawaybear.nl/ Name: _fwb
Value: 123Z2d7Eh8Y7EVWcXj8miNF.1701983997709
flyawaybear.nl/ Name: wcs_bt
Value: s_5a2ff88bc4b5:1701983997
.linkconnector.com/ Name: LCID
Value: LC1701983997.9668195
.wcs.naver.com/ Name: NWB
Value: c5386e6832c7ddfb288865b7fb0f5039.1701983998614

3 Console Messages

Source Level URL
Text
network error
Message:
The script has an unsupported MIME type ('text/html').
network error URL: https://flyawaybear.nl/trk
Message:
Failed to load resource: the server responded with a status of 405 ()
security error
Message:
Refused to frame 'https://accounts.wondershare.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' https://*.hipdf.com https://*.hipdf.cn https://*.mindmaster.io https://*.edrawsoft.com https://*.iskysoft.com https://*.iskysoft.us https://*.wondershare.com https://*.wondershare.jp https://*.wondershare.cc https://*.wondershare.cn https://*.wondershare.co.jp https://*.wondershare.com.ru https://*.wondershare.fr https://*.wondershare.jp https://*.wondershare.tw https://*.wondershare.com.br https://*.wondershare.de https://*.wondershare.hk https://*.wondershare.kr https://*.wondershare.ae https://*.wondershare.co.id https://*.wondershare.es https://*.wondershare.it https://*.wondershare.net https://*.media.io https://*.edrawmax.com https://*.filmora.io https://*.edrawmind.com https://*.inclowdz.com/ https://inclowdz.com/ https://teams.microsoft.com https://*.facengine.ai https://*.virtulook.ai https://*.virbo.ai https://*.kwicut.ai".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.edrawsoft.com
accounts.wondershare.com
app.partnerboost.com
bat.bing.com
connect.facebook.net
consent.linksynergy.com
dc-static.wondershare.com
flyawaybear.nl
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idsync.rlcdn.com
images.edrawmax.com
images.edrawmind.com
images.edrawsoft.com
images.wondershare.com
lantern.roeye.com
lantern.roeyecdn.com
logs-01.loggly.com
neveragain.allstatics.com
region1.analytics.google.com
s.yimg.jp
script.crazyegg.com
stats.g.doubleclick.net
tag.rmp.rakuten.com
tags.rd.linksynergy.com
trk.indoleads.com
ut.rd.linksynergy.com
utt.impactcdn.com
wcs.naver.com
wcs.naver.net
www.artfut.com
www.dwin1.com
www.edrawmind.com
www.edrawsoft.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.linkconnector.com
104.248.96.70
110.93.147.30
182.22.25.124
193.108.153.24
2001:4860:4802:32::36
23.56.200.15
2600:9000:214f:5400:f:8ce2:fb80:93a1
2600:9000:2250:6200:1f:af3f:8a40:93a1
2606:4700:10::6816:30a9
2606:4700:20::681a:6d
2606:4700::6813:9308
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:400c:c07::9b
2a02:26f0:3500:5::17d8:4d4f
2a02:26f0:780::210:ca72
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3120::3
34.102.147.248
34.98.67.3
35.186.249.72
35.244.174.68
47.243.241.30
47.91.89.51
52.201.139.150
52.214.247.29
54.236.80.3
70.39.189.181
70.39.189.182
88.221.110.90
0b7e07e1326b37a5c190be975856825fd72001164e6e30f78163dff352668214
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
125101e1d63f0e5d928d1d94cd2345dae9a2fd0253371c1db06841bd44dd6b16
169ee5694844986b86b47f9e65281d49d2aba39e8aae511dba02fe5186b37280
17c4e98c2a74f7b6db3984c90f4c52ff3c1b4a9a090c6255ded034ec70470719
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ec5eaa42164396a3c95a92b4cdbbf97550202941bfec343548a5aba8d22f6f5
243d25269c7cfc1868ec8a8a810b0cbc8664178f951b7d031d6e6bf76f4989f8
2b867fa06a254ac14be24d79ee233c63737d65ed0ff082e447879ed34786f8d9
2c9916a847443a6ff0f4049d6168445539e8efa22fa0efa72acbf05dff0e5616
355a86224a89790dbd7cb2c8478879f905097e5e1c48217f0bce6891eed87309
3a0a6f95a4690cc601af37294f20d98cedade16943ba48fe46d3e0c23319cfe2
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4133afc350d176f80eaa227f903be91646e1e2dec276f60eb8a15f9a1df96df8
45d709fb53d12f5ef020be9fd81d4d63ee1013d69127bc6b6acbe7cccafa5f1c
47679b32af4e5845f9231c8dce5c94f8334d026a5511553ab8a1a9b954b3b970
489dc1e12d6bf663dc2285a20ab190ba5f8d4b0c1fff9df7bcb6f6e9b487e7e6
49faa26abc3b4f7607b6a3316634d472073f482b64eff068182a5a1d2eaeb882
4a16ae3f3a6a306ef985501f6a4397dedd89a3adcba49d05e67f44f0266fae9c
580a8a7bdafe5025d31452b6ba5922d62e0851a215d548828c0c76fd0db1d7cd
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
644cb9fc7ebb6afd69210c59fe5d6ac5bd9c20136f9b1a1edf11bf0d440451ac
67e6b3490e5d90a5fc8faaebd04bd401bc74930eb935dd9d51a2951977ea5751
6b088bda644550ec5dad5597dc1a2b6e0ea161993f3ca1faa7bdc7621d5d413c
6d0a2a9c18a375b7977a11cc9f9603a308cc09af1cd4c471d6e0b9896cd1705f
762c3b19f748ce57702c15cab0f9f3e48e5beb3c1ed90ba639acafdf45ff29f2
76d2475fe9cdb8f0db6b8d0233a75a5f8a62d9fee860d82b283b642744d67a4f
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7968bb5d12347d5e5a15b034abe5ceaa3c3aac06efa8f35e82e251229bea0e9f
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7ccc2a96388a84a06ba0a572ab8f979c203d29894372c2d126fe3e7e30bd44b6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f16e55ffb5ae25d94f61743862089390a298795bf62923cf70233b100b3860c
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
865b12f01e634d3b7cb61451e33e5d46b77389e6d61f0bee5a2207017727c364
87813d0507d9e425d8a423153e598fbef4342d9a553edc4e0ad29cba6b380274
89f483eb36ec3e92260b8877e1151482657cf5fc5b73f824fb370346b6a343b4
8e57949792a11a3b3d37452f3db20b63eaa74e9dd9930842c466c1ded651644b
8e730c873e82c0a77b4b189e192852282f11a25adb4bd44748abc700807902a5
8f9ea3a29b091328c01087d3abe61edaa6b291f3bf7ad46240e19c7813dbe863
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
938903c5d7e3484798225dba9ef3d3d07120b63e2e962c25ccbfa08f2aaa02d7
95c2920b3543da452acc134c21064a8e14b5835da67b392ad4ea9b7ebb062ce2
a44429f4e11a62335ca76e2dd9790dd80b005565fe962305a490fa3354abfee8
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
ad0540b519243453dbd4e542880cc30dc3fc55e275832c281e887c0c48bd73aa
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04d72546f3d807901ac18982112fcf6c50c115095f76755040cd6be758599a7
b0ee654e04aacc6dfa5a7bd9aec065c76d42ea678e5d05fb631bf111e71522ee
b56d96a93a03331a62e513c39c77b15fd4f554588d610b1b9de79d42fe276792
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c3be293bf9123827a61a2d0c23c55407d16be4d1a98a357023429f65ba294608
c65db6fd9432c5e52d9435936d1567d06e2501aea75d8c5bdc848b7afc7cfed2
c7a002a5e6a51e129c65e2b1ebd2f778238d4c9b566809b322111ac04c03271e
cbb5fc34b9ca64bf858023978f985fa6cc8ee83cd4f06c58437a1697efce209f
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d3070a466b840b215ed8bd56484b78317b2e1316caed633bc139af0b8d9170aa
db5560e6ae2ced7cdcfbc4e7886c575cd262d72d66007274d8a94244b889fdd7
db8c0612843f099873a04879b79ef675fb7f23691c379dacabb0648c0f9dee12
dd63b49b3b69de50157de0707a990cd7697c87242e19b58b8763739ea57d225c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e37213042500cae209c76d0c81262ebbb2662775753afb29fa8b6d4f17172383
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d190f15d68773bf9f3d14b55b85952011a188befdc2604d23947c4b686467b
e8a26468f1e324cd5f5b8df165f8ff2ad1751ce7ff9eadcdf3bef4d651667e82
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6137d020e2b1047d56a0caabf7087216ba98fc0e53e323c45fc9d050f08d5e6
fc3ef81b431fb3bebf53d64a826d7322916d68039c87906a7e2fa82d8b28c84c