i74686972646d696c6co6f7267z.oszar.com Open in urlscan Pro
172.67.220.76 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://i74686972646d696c6co6f7267z.oszar.com/
Submission: On November 18 via api (November 18th 2024, 1:55:13 am UTC) from US — Scanned from US

Summary HTTP 62 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 62 HTTP transactions. The main IP is 172.67.220.76, located in United States and belongs to CLOUDFLARENET, US. The main domain is i74686972646d696c6co6f7267z.oszar.com.
TLS certificate: Issued by WE1 on November 14th 2024. Valid for: 3 months.

This is the only time i74686972646d696c6co6f7267z.oszar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 41	172.67.220.76 172.67.220.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.35.168 142.251.35.168	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::ac43:4415	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	31.13.71.7 31.13.71.7	() ()
2	31.13.71.36 31.13.71.36	() ()
62	13

41 172.67.220.76 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

i74686972646d696c6co6f7267z.oszar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i6a73o6873666f726d73o6e6574z.oszar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i777777o676f6f676c65o636f6dz.oszar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i6a73o68732d73637269707473o636f6dz.oszar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i6a73o68732d62616e6e6572o636f6dz.oszar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i6a73o68732d616e616c7974696373o6e6574z.oszar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i63646eo666561746872o636fz.oszar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i666f726d73o6873666f726d73o636f6dz.oszar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.168 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:4415 (United States)

ASN13335 (CLOUDFLARENET, US)

polo.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.36 (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	oszar.com 2 redirects i74686972646d696c6co6f7267z.oszar.com i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com i6a73o6873666f726d73o6e6574z.oszar.com i777777o676f6f676c65o636f6dz.oszar.com i6a73o68732d73637269707473o636f6dz.oszar.com i6a73o68732d62616e6e6572o636f6dz.oszar.com i6a73o68732d616e616c7974696373o6e6574z.oszar.com i63646eo666561746872o636fz.oszar.com i666f726d73o6873666f726d73o636f6dz.oszar.com i6d6172636fo666561746872o636fz.oszar.com Failed i6d61746368o616473727672o6f7267z.oszar.com Failed	1 MB
5	feathr.co polo.feathr.co — Cisco Umbrella Rank: 17927	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	431 KB
2	facebook.com www.facebook.com	214 B
2	facebook.net connect.facebook.net	75 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	570 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4839	3 KB
1	google.com analytics.google.com — Cisco Umbrella Rank: 142
62	10

	Domain	Requested by
26	i74686972646d696c6co6f7267z.oszar.com	1 redirects i74686972646d696c6co6f7267z.oszar.com
7	i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com	1 redirects i74686972646d696c6co6f7267z.oszar.com i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com static.cloudflareinsights.com
5	polo.feathr.co	i63646eo666561746872o636fz.oszar.com
4	www.googletagmanager.com	i74686972646d696c6co6f7267z.oszar.com i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
2	www.facebook.com
2	connect.facebook.net	polo.feathr.co connect.facebook.net
2	i666f726d73o6873666f726d73o636f6dz.oszar.com	i74686972646d696c6co6f7267z.oszar.com
2	www.google-analytics.com	www.googletagmanager.com
2	static.cloudflareinsights.com	i74686972646d696c6co6f7267z.oszar.com i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
1	i63646eo666561746872o636fz.oszar.com	i74686972646d696c6co6f7267z.oszar.com
1	forms.hsforms.com	i6a73o6873666f726d73o6e6574z.oszar.com
1	i6a73o68732d616e616c7974696373o6e6574z.oszar.com	i6a73o68732d73637269707473o636f6dz.oszar.com
1	i6a73o68732d62616e6e6572o636f6dz.oszar.com	i6a73o68732d73637269707473o636f6dz.oszar.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	i6a73o68732d73637269707473o636f6dz.oszar.com	i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
1	i777777o676f6f676c65o636f6dz.oszar.com	i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
1	i6a73o6873666f726d73o6e6574z.oszar.com	i74686972646d696c6co6f7267z.oszar.com
0	i6d61746368o616473727672o6f7267z.oszar.com Failed
0	i6d6172636fo666561746872o636fz.oszar.com Failed	i74686972646d696c6co6f7267z.oszar.com
62	21

This site contains links to these domains. Also see Links.

Domain
i656c6561726e696e67o74686972646d696c6co6f7267z.oszar.com
i736c6561726e696e67o74686972646d696c6co6f7267z.oszar.com
i636c6561726e696e67o74686972646d696c6co6f7267z.oszar.com
i726c6561726e696e67o74686972646d696c6co6f7267z.oszar.com
i616c6561726e696e67o74686972646d696c6co6f7267z.oszar.com
i74686972646d696c6c696e73746974757465o6f7267z.oszar.com
i74686972646d696c6c73656d696e617279o6f7267z.oszar.com
i777777o62656c686176656eo656475z.oszar.com
i6269626c656d657368o636f6dz.oszar.com
i6274736672656563636do6f7267z.oszar.com
i63697479766973696f6eo656475z.oszar.com
i696e73746974757465o6269626c656d657368o636f6dz.oszar.com
i777777o616d617a6f6eo636f6dz.oszar.com
i777777o796f7574756265o636f6dz.oszar.com
i6974756e6573o6170706c65o636f6dz.oszar.com
i706c6179o676f6f676c65o636f6dz.oszar.com
i6368616e6e656c73746f7265o726f6b75o636f6dz.oszar.com
i777777o7772696b65o636f6dz.oszar.com
i777777o66616365626f6f6bo636f6dz.oszar.com
i74776974746572o636f6dz.oszar.com
i696e7374616772616do636f6dz.oszar.com
i76696d656fo636f6dz.oszar.com
i777777o6c696e6b6564696eo636f6dz.oszar.com
i777777o65636661o6f7267z.oszar.com
i777777o677569646573746172o6f7267z.oszar.com
i777777o636861726974796e6176696761746f72o6f7267z.oszar.com
i616e616c7974696373o657863656c6c656e6365696e676976696e67o636f6dz.oszar.com
www.oszar.com

Subject Issuer	Validity	Valid
oszar.com WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
hsforms.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
feathr.co WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-27` - `2024-11-25`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://i74686972646d696c6co6f7267z.oszar.com/
Frame ID: 60DB4CDA7E1EC6DF0963BBBD97DD3154
Requests: 54 HTTP requests in this frame

Frame: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com
Frame ID: 76D380867E190D0D6E237DB0D9071F31
Requests: 3 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-GPYGBDJZE1&gacid=776506590.1731894903&gtm=45je4bc0v892224428za200zb894706512&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067554~102067808~102077855&z=1529631809
Frame ID: 09AE7490C53A9BF45F3153EEE3C9060B
Requests: 1 HTTP requests in this frame

Frame: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: AFCBC9A099702C948E980ED4D8D449BE
Requests: 2 HTTP requests in this frame

Frame: https://i74686972646d696c6co6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: D58399A4112C34E7F881543990860951
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

thirdmill.org: Biblical Education. For the World. For Free.

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

94 %
HTTPS

58 %
IPv6

10
Domains

21
Subdomains

13
IPs

2
Countries

1598 kB
Transfer

3887 kB
Size

16
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://i656c6561726e696e67o74686972646d696c6co6f7267z.oszar.com/
Title: English

Search URL Search Domain Scan URL

URL: https://i736c6561726e696e67o74686972646d696c6co6f7267z.oszar.com/
Title: Spanish

Search URL Search Domain Scan URL

URL: https://i636c6561726e696e67o74686972646d696c6co6f7267z.oszar.com/
Title: Chinese

Search URL Search Domain Scan URL

URL: https://i726c6561726e696e67o74686972646d696c6co6f7267z.oszar.com/
Title: Russian

Search URL Search Domain Scan URL

URL: https://i616c6561726e696e67o74686972646d696c6co6f7267z.oszar.com/
Title: Arabic

Search URL Search Domain Scan URL

URL: https://i74686972646d696c6c696e73746974757465o6f7267z.oszar.com/
Title: Thirdmill Institute

Search URL Search Domain Scan URL

URL: https://i74686972646d696c6c73656d696e617279o6f7267z.oszar.com/
Title: Thirdmill Seminary

Search URL Search Domain Scan URL

URL: http://i777777o62656c686176656eo656475z.oszar.com/news/articles/Belhaven-and-Thirdmill-Partner-for-Online-Degree-in-Biblical-Studies-2019-04-12.htm
Title: Belhaven University

Search URL Search Domain Scan URL

URL: https://i6269626c656d657368o636f6dz.oszar.com/degree-pathways/master-of-arts-in-christian-studies/
Title: BibleMesh

Search URL Search Domain Scan URL

URL: http://i6274736672656563636do6f7267z.oszar.com/
Title: Birmingham Theological Seminary

Search URL Search Domain Scan URL

URL: http://i63697479766973696f6eo656475z.oszar.com/thirdmill/
Title: City Vision University

Search URL Search Domain Scan URL

URL: https://i696e73746974757465o6269626c656d657368o636f6dz.oszar.com/uniononline/gdip-gcert-theology/
Title: Union Theological College

Search URL Search Domain Scan URL

URL: https://i777777o616d617a6f6eo636f6dz.oszar.com/Subsplash-Consulting-Third-Millennium-Ministries/dp/B00NX9CTFY/ref=sr_1_1?s=mobile-apps&ie=UTF8&qid=1453753898&sr=1-1&keywords=third+millennium
Title: Amazon Kindle

Search URL Search Domain Scan URL

URL: https://i777777o796f7574756265o636f6dz.oszar.com/channel/UC1qmb5wobxRIWfHZcgmG8bA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://i6974756e6573o6170706c65o636f6dz.oszar.com/us/app/third-millennium-ministries/id435983758?mt=8
Title: Apple iOS

Search URL Search Domain Scan URL

URL: https://i706c6179o676f6f676c65o636f6dz.oszar.com/store/apps/details?id=com.subsplash.thechurchapp.ThirdMill&feature=search_result&t=W251bGwsMSwxLDEsImNvbS5zdWJzcGxhc2gudGhlY2h1cmNoYXBwLlRoaXJkTWlsbCJd
Title: Android

Search URL Search Domain Scan URL

URL: https://i6368616e6e656c73746f7265o726f6b75o636f6dz.oszar.com/details/237285/third-millennium-ministries
Title: Roku

Search URL Search Domain Scan URL

URL: https://i777777o7772696b65o636f6dz.oszar.com/form/eyJhY2NvdW50SWQiOjI0MjA4MTIsInRhc2tGb3JtSWQiOjMyNTgyOX0JNDc0NzkxODQ4Mjc1MAkwZmRhZTFmOThlNDRlODA2NDA4MDczYjAyNTNkNmQxODU1MDczMTNjNWU3M2U5ZDVjM2JjODZhZWRjZjNjZmFk
Title: U.S. Speaking Request

Search URL Search Domain Scan URL

URL: https://i777777o7772696b65o636f6dz.oszar.com/form/eyJhY2NvdW50SWQiOjI0MjA4MTIsInRhc2tGb3JtSWQiOjU1MzA5OH0JNDg0MjE2MzU5MzI3Mwk4MDg4NzE1YzcyY2VjMjc5NGY0NTBiMWYzNzY2YWNmZWNhMmVjYjBjZGQ4YmVlMGRjOTM0MzRkNWM1MjY1YWZi
Title: International Speaking Request

Search URL Search Domain Scan URL

URL: https://i777777o7772696b65o636f6dz.oszar.com/form/eyJhY2NvdW50SWQiOjI0MjA4MTIsInRhc2tGb3JtSWQiOjMyNzM3MH0JNDc0ODAxMjI2MTczMAkyYmY4MGYwYjQ5ZTFmYTFkODY4YzFhODkwYjAwOTRkMjdjZGFjNjViMTY4Y2M5YTUwNDY4NmJlNDc3OTI0YmJi
Title: Partnership Interest Form

Search URL Search Domain Scan URL

URL: https://i777777o66616365626f6f6bo636f6dz.oszar.com/ThirdMillennium
Title: Facebook

Search URL Search Domain Scan URL

URL: https://i74776974746572o636f6dz.oszar.com/thirdmill
Title: Twitter

Search URL Search Domain Scan URL

URL: https://i696e7374616772616do636f6dz.oszar.com/thirdmill/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://i76696d656fo636f6dz.oszar.com/user3066262
Title: Vimeo

Search URL Search Domain Scan URL

URL: https://i777777o6c696e6b6564696eo636f6dz.oszar.com/company/third-millennium-ministries/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://i777777o65636661o6f7267z.oszar.com/MemberProfile.aspx?ID=16352

Search URL Search Domain Scan URL

URL: https://i777777o677569646573746172o6f7267z.oszar.com/profile/31-1598585

Search URL Search Domain Scan URL

URL: https://i777777o636861726974796e6176696761746f72o6f7267z.oszar.com/ein/311598585

Search URL Search Domain Scan URL

URL: https://i616e616c7974696373o657863656c6c656e6365696e676976696e67o636f6dz.oszar.com/overview/thirdmill/

Search URL Search Domain Scan URL

URL: https://www.oszar.com/
Title: OSZAR »

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

Request Chain 44

https://i74686972646d696c6co6f7267z.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://i74686972646d696c6co6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

Request Chain 55

https://i6d61746368o616473727672o6f7267z.oszar.com/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=673a9e808fb63ec4e6184695&gdpr=0&ttd_passthrough=a_id%3D63333146e71b502d20454c6d HTTP 302
https://i6d61746368o616473727672o6f7267z.oszar.com/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=673a9e808fb63ec4e6184695&gdpr=0&ttd_passthrough=a_id%3D63333146e71b502d20454c6d

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
i74686972646d696c6co6f7267z.oszar.com/ 70 KB
18 KB 2246ms
2184ms Document
text/html 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 57c26d7181ffcd8445de0dcda60ac120069b563b588b0a594853fed638df0ad9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private,max-age=31536000
cf-cache-status: DYNAMIC
cf-ray: 8e4455eebcf81d78-ATL
content-encoding: zstd
content-type: text/html;charset=UTF-8
date: Mon, 18 Nov 2024 01:55:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40oqbeCjhNqLBW3DA0%2B473ZAPf%2BmIQ9cW7iQPS3Qbl7tF6IhoL%2F8tnXF%2B%2BBSK83jHJaA45qzjdNIX3pSRDkYYJQ%2BVA6iod8TDVXc1SI0UFt3akAtyefzWQFWlqRkRfPH7jeSJFdhMYKrzWcV6ej5waLyd8oO8sNq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=46471&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4143&recv_bytes=4503&delivery_rate=387&cwnd=12000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=2192&x=1" cfExtPri cfHdrFlush;dur=0
vary: Origin,Accept-Encoding
x-powered-by: ASP.NET

GET
H3 200 js Show response
i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/gtag/ 392 KB
130 KB 1200ms
1198ms Script
application/javascript 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/gtag/js?id=G-GPYGBDJZE1

Requested by

Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

5f2f285d0c5c05574bb77c927382b5dfb352e3effd1ca1cee20cfc567191f787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"group"
expires: Mon, 18 Nov 2024 01
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=61457&sent=84&recv=62&lost=0&retrans=0&sent_bytes=76157&recv_bytes=20174&delivery_rate=375259&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3580&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https
cf-ray: 8e4455fdef4e1d78-ATL
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132071
x-xss-protection: 0
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H3 200 site_2024.2.css
i74686972646d696c6co6f7267z.oszar.com/s/ 44 KB
6 KB 1023ms
1022ms Stylesheet
text/css 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/s/site_2024.2.css
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bd07963d20504c0b916a851e01f1e444cbfa953c5ce667d3b9d89a2ea2e250a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "7f2e68ac7e35db1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rfGy0Y%2BVl9FJIs%2FVkASeLL9yIvaLis2kkyFJcjLNZijjfda63nG%2Ba%2FpP%2Flw3vcVzWgVJ%2F4MAvdZoWFwEYcL8AORe6Cqa%2FQtp50pJ0rN6cgFAgo880b4BCmpXdM1TKv%2FH0JymkOgcO0zXKoVci6zq0JNPjVxtLCIt"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48619&sent=45&recv=44&lost=0&retrans=0&sent_bytes=34977&recv_bytes=18782&delivery_rate=67974&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3403&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: text/css;charset=UTF-8
last-modified: Wed, 13 Nov 2024 03
vary: Origin,Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8e771d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5794
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 jquery-3.6.0.min.js Show response
i74686972646d696c6co6f7267z.oszar.com/js/ 105 KB
33 KB 1242ms
1239ms Script
application/x-javascript 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/js/jquery-3.6.0.min.js
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cccb7038febe747d80b0a8991316de2fd4e6c6ddb007c14e5945a730ded3f04f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "a88fa247d4b0d81
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qcj4B%2FVw4uafHpBOZZve9LmaRsTG9EeDNE%2Fy5jIu2KoEmKVH2ZYZLYyhvh71hUt3Rg0%2BB41THOA9rSdsbIV4x3zOsrWdYSDYAF4h%2BfgFfjj0YiNMTmB5yPP4nhQ7liuzuLLKUjirhi4EtlalEp7SKVokvDUpQY0F"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=61457&sent=93&recv=62&lost=0&retrans=0&sent_bytes=85764&recv_bytes=20174&delivery_rate=375259&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3591&x=1", cfExtPri, cfHdrFlush;dur=12
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: application/x-javascript
last-modified: Mon, 15 Aug 2022 18
vary: Origin,Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8e921d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33079
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 header.min.js Show response
i74686972646d696c6co6f7267z.oszar.com/js/ 1 KB
1 KB 1000ms
997ms Script
application/x-javascript 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/js/header.min.js
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d8cf3553369d2561101b7335bd2987c1697d3371e949dcf4256cbe2a9b7475c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "3587e1ba1e3d61
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2BmzFnwJSQVIo7dLmAIHN%2F52b8bgcjc78nZQENHmr4QP9voT21ms1S9bZgDunFSwiDu4xIOfcwiLALv16hEKc7KbgiKNLPQS21sKKS4JbCVU2sKd%2BnKZFSZC5mHgtebWgyqts9kYplJySqrsvt6ikT3iAC3SQ49W"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48851&sent=40&recv=43&lost=0&retrans=0&sent_bytes=30310&recv_bytes=18739&delivery_rate=30788&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3385&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: application/x-javascript
last-modified: Tue, 05 Jan 2021 20
vary: Origin,Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8e961d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 468
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 layout.2021.min.js Show response
i74686972646d696c6co6f7267z.oszar.com/js/ 2 KB
1 KB 1085ms
1081ms Script
application/x-javascript 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/js/layout.2021.min.js
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 92d0a6a92565043438f251040dbda5987a252f7ad1f4edff1b4bb1ada6da1d74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "64d633489cd1d71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FqxHi3TmHnTeRYLOfCX04BeoxP%2BFfm7%2B1xovQsd76M%2FymTOyZQAjfPmzH1EzkNLd5l83YBK%2FD8NesOTspn2erla2OUk%2B9YTTBzqBN7EYyqUXqPqzyFr2J7zR1Kbl8C28HF6RVklAy7%2F%2B%2FrgOTyl2xyn%2BjR9bxcqb"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54790&sent=54&recv=52&lost=0&retrans=0&sent_bytes=43407&recv_bytes=19742&delivery_rate=198427&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3463&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: application/x-javascript
last-modified: Thu, 04 Nov 2021 16
vary: Origin,Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8e9a1d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 560
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 ready_resize.2021.0.min.js Show response
i74686972646d696c6co6f7267z.oszar.com/js/ 1 KB
1 KB 1171ms
1168ms Script
application/x-javascript 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/js/ready_resize.2021.0.min.js
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 189b006f88b97239ac8a11d2c6ef30efb3f595783cfd28644828ada92422d51d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "6534486ef57d71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UVQQSnOtIh4JFjHllOUOiaT8d99HJSRj40S%2FLW1KW6pkVOyuopAxp4aHIdlYAwIi1lThIMA%2BPhuKlEgAe0qMh0BKW5P4jO0YCoGAFVJnsvhcrEOYC%2BoHs7eeYxyvL4%2FKrSMSu8UWycYdTOGIk9Ghu9XIuyCbFlgI"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=61457&sent=71&recv=62&lost=0&retrans=0&sent_bytes=61764&recv_bytes=20174&delivery_rate=375259&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3555&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Jun 2021 20
vary: Origin,Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8e9d1d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 544
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 2022Homepage_banner15.jpg
i74686972646d696c6co6f7267z.oszar.com/img/2020/ 96 KB
97 KB 1347ms
1346ms Image
image/jpeg 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/2020/2022Homepage_banner15.jpg
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d446dc1e6b3a5295a374ecc7bf6ec4f4272ea73ffc45791809d3c1852e48529d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cf-cache-status: MISS
etag: "1dcafc37a564d81
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dx8sdYJBn13dLEMuqKda15SoNubkukuR4OdFwKCusVL7IN9CX0S3pZft3LFzzr1nC0kyyNT2gBnp5fhP7strl%2BGMB8HPkM6vd47RxkLPRjQ2q5w2YcKZTJnNeCKdpZV1BTkeObakTKGg0TkLu2WSLjDfBN%2B1mOS5"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=52371&sent=189&recv=83&lost=0&retrans=0&sent_bytes=192076&recv_bytes=21105&delivery_rate=645873&cwnd=66600&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3710&x=1", cfExtPri, cfHdrFlush;dur=18
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/jpeg
last-modified: Tue, 10 May 2022 19
vary: Origin, Accept-Encoding
priority: u=1,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8e7a1d78-ATL
access-control-allow-origin: *
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 thirdmill_logo.svg
i74686972646d696c6co6f7267z.oszar.com/img/2020/ 4 KB
2 KB 980ms
976ms Image
image/svg+xml 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/2020/thirdmill_logo.svg
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a20db9e8436b582155f43749cc324d1bf3cbaffc6c4751cbaedfa6fd1ba9459f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "eeb9bcaae389d51
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0u60DjerCm2NmaQcFRZXCRe1Y2fGjNvTJy4YYkFRIqe4NZ3hNVwVGg%2BUcLhnj8WyBPVaBY9eg1bSBHVVIqse2QU3CabZzAseZCGp%2FnJH%2B7pC4STm9ZxlYN7nPU78j9zoTNBamGuBsK6mvu8JNLUNMGvUjUfYqjdW"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48851&sent=37&recv=43&lost=0&retrans=0&sent_bytes=26981&recv_bytes=18739&delivery_rate=30788&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3364&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Oct 2019 20
vary: Origin,Accept-Encoding
priority: u=3,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8ea01d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1593
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 nav180x183.png
i74686972646d696c6co6f7267z.oszar.com/img/ 252 B
954 B 982ms
979ms Image
image/png 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/nav180x183.png
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f3f37ec727266fa26c32c8fde6b4784beefb4d709b69195133411c46de9a1763

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cf-cache-status: MISS
etag: "71bbfac0847bd41
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUVRFpCWFRI0LGxG8%2F0Ad41%2BRoiXBVLAjbyzrDka3Hq8REObItW9tHl0WmPqd9d1fW0DKPDWLsG%2FVElNfWYPcHMsyqPRPA9tG64nGEii0KokzQMhUjP8VFTROoMgc1%2FVIRswU%2FZo7O%2BKYXWHnzMDGq2flMsoPnmC"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48851&sent=39&recv=43&lost=0&retrans=0&sent_bytes=29333&recv_bytes=18739&delivery_rate=30788&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3367&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/png
last-modified: Tue, 13 Nov 2018 19
vary: Origin, Accept-Encoding
priority: u=3,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8ea31d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 252
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 thirdmill-institute-logo-white.png
i74686972646d696c6co6f7267z.oszar.com/img/banner/ 23 KB
24 KB 1537ms
1536ms Image
image/png 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/banner/thirdmill-institute-logo-white.png
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8f87cc7ec6906b2ac24890a5bb3823a46ac08bcfa7db138363c81fca98238738

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cf-cache-status: MISS
etag: "026e4cbafbed71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pPXYCKvNjHy3tWrAx1gXAVFiEwe5%2B5yFBfCyNnqYLQiD12A8SWqTl4OzOlosUmISNGzkwT4ouKzne6QKuPZq0bEC7rDx4LwfRGqSw61wBW69BE%2BPU6naclWM08S9jQ9DCjSDzZpjlSMOmcsiPbEbQm51t6Hp2H2S"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48196&sent=414&recv=113&lost=0&retrans=0&sent_bytes=449854&recv_bytes=24142&delivery_rate=573502&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3915&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/png
last-modified: Mon, 11 Oct 2021 14
vary: Origin, Accept-Encoding
priority: u=2,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8e7d1d78-ATL
access-control-allow-origin: *
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 v2.js Show response
i6a73o6873666f726d73o6e6574z.oszar.com/forms/embed/ 484 KB
157 KB 5706ms
5694ms Script
application/javascript 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i6a73o6873666f726d73o6e6574z.oszar.com/forms/embed/v2.js

Requested by

Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

01e22bc0fe47c72754d55611ed55b98fa06ef58ea73239c4910c5ca58eefceed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

x-request-id: 86fe4c28-7a9e-43bb-be01-c04199408549
content-encoding: gzip
cf-cache-status: BYPASS
etag: W/"53fa063fb1734ce6bb187c96e7665972"
x-amz-version-id: kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
report-to: {"endpoints"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: ejApxKf1-07-ALdNif6jM03ICklCwoG4r7SKzL-cS3cseR4e_ZeH3A==
x-hubspot-correlation-id: 86fe4c28-7a9e-43bb-be01-c04199408549
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Sep 2024 16
priority: u=1,i=?0
server-timing: cfL4;desc="?proto=QUIC&rtt=48259&sent=779&recv=185&lost=0&retrans=0&sent_bytes=852561&recv_bytes=50770&delivery_rate=515236&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=8086&x=1", cfExtPri, cfHdrFlush;dur=0
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-6c6dd6864-hr74v
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 158892
x-hs-target-asset: forms-embed/static-1.6227/bundles/project-v2.js
x-powered-by: PHP/8.2.18
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Mon, 18 Nov 2024 01:55:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction"
content-security-policy-report-only: frame-ancestors 'self'; report-uri https
via: 1.1 i6538656563313564393535316464343735643463343738663966626235663034o636c6f756466726f6e74o6e6574z.oszar.com (CloudFront)
cf-ray: 8e4455fd8eb51d78-ATL
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H3 200 Facebook_white.svg
i74686972646d696c6co6f7267z.oszar.com/img/3rdParty/ 909 B
1 KB 1220ms
1219ms Image
image/svg+xml 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/3rdParty/Facebook_white.svg
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 188b6fdf4f58695eafc7eb57d08ad2cdc9805d010d1f9c2563f99760a51dc37f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "7e3b8f1b8d41
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHQiLu61nG20aLUyZW1wW6FGPMj5IGBNrUNQcgGQtyeYd%2FG%2Bgn4w6pywYQ8zjzHF2gb4mhSAQ6cK36y0K4RgREQtXRG%2F%2Bvdnq6FlwXAKJdW9ogs4fmHtUX8qnGbJozdXh1X95lsDdB3deMGaZZAXok33z%2Fe%2BoWwU"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=61457&sent=93&recv=62&lost=0&retrans=0&sent_bytes=85764&recv_bytes=20174&delivery_rate=375259&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3601&x=1", cfExtPri, cfHdrFlush;dur=2
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Jan 2019 18
vary: Origin,Accept-Encoding
priority: u=2,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8e811d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 565
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 Instagram_white2.svg
i74686972646d696c6co6f7267z.oszar.com/img/3rdParty/ 2 KB
2 KB 1324ms
1321ms Image
image/svg+xml 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/3rdParty/Instagram_white2.svg
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f9a29dd6dd06a06aa69b40c68db884e22a1387319b3de58a809bf45a0a8fe9e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "ed7cb6e8cbb8d41
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uSWm9NuG72LrQCrlM%2BcxxVabYSS2LiCiT%2BejtTLBFJW3KJkO4h4Myk79WvpcTMdBZBpHvJL2AotN%2B3I%2BRz%2F1PI9R%2FXW8o8J2ddl%2FcIPy6fC59cKw2wiPROY64NEHcnUMNzfK9pjaUkzZNomufukDpzOQErAgeLfA"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=53241&sent=182&recv=82&lost=0&retrans=0&sent_bytes=185064&recv_bytes=21060&delivery_rate=509035&cwnd=63000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3695&x=1", cfExtPri, cfHdrFlush;dur=13
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Jan 2019 18
vary: Origin,Accept-Encoding
priority: u=2,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8e8a1d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1005
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 LinkedIn_white.svg
i74686972646d696c6co6f7267z.oszar.com/img/3rdParty/ 2 KB
2 KB 1452ms
1448ms Image
image/svg+xml 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/3rdParty/LinkedIn_white.svg
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 540565b7c566a6a3084a966bd0939f8ec0ce32c1e812825a751b838ea218162c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "4e833b8f1b8d41
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ysdon6tH%2BB8dqf9cviNaYLbLIoE4WmIPDuLRQdfRYBHyD6YBYxN0zJGlIt66j8BiiKOO46bHm9at2JMgCchStrF9fqjT2s%2FNPm1bzwa0J%2BD7gKr3PEEPMt87cz6I8ucS23GU8onvdmlmXb3I9G%2FzehbTZUvl4Z9m"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=49681&sent=364&recv=107&lost=0&retrans=0&sent_bytes=392045&recv_bytes=23062&delivery_rate=2485045&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3835&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Jan 2019 18
vary: Origin,Accept-Encoding
priority: u=2,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8e8d1d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 957
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 Twitter_white.svg
i74686972646d696c6co6f7267z.oszar.com/img/3rdParty/ 2 KB
2 KB 1081ms
1078ms Image
image/svg+xml 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/3rdParty/Twitter_white.svg
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: eefd6fb231e8a4ecf1588732a00d62fffe08133ca798e742b2f23274541b2c7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "78d13b8f1b8d41
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LF9rdqbdzX093rHp7Fj1yFYlgIKWRh1CrgCtsnSDZD1WIrwgmVbZmuQljmqDdmOves0mmdQwANl69xAA64jLPrbX91Eu3i2jT2L4H8MMBZrQAnQrHCHpCJgt%2FXPqLkNtS39BtjWqi82J%2FlfjoQ9dA9xuuxwCrn3W"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54790&sent=52&recv=52&lost=0&retrans=0&sent_bytes=41663&recv_bytes=19742&delivery_rate=198427&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3460&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Jan 2019 18
vary: Origin,Accept-Encoding
priority: u=2,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8e901d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 988
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 Vimeo_white2.svg
i74686972646d696c6co6f7267z.oszar.com/img/3rdParty/ 2 KB
2 KB 964ms
961ms Image
image/svg+xml 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/3rdParty/Vimeo_white2.svg
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7e092c0ba0a01ee259a8065919b7ac052ffb0d9a50c20f8a49b1d93b9b1c7c1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "ce2aecc4ccb8d41
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0U9I46NndIBNuDVoeWFTeM2ZnB77aBNd3Sc6w12vNgNlRFwUo35CUWGfnbP8wMLwtbe9YbTgj9o6bUWJtpKdM2Md3P7xDZh%2BlC70CeYWs0SSuHczE6u82ytjziOuYUImMLNHDnMk9KrxLM6qscFOyybJp6ZqRta8"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=49064&sent=35&recv=42&lost=0&retrans=0&sent_bytes=25220&recv_bytes=18696&delivery_rate=15271&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3349&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Jan 2019 18
vary: Origin,Accept-Encoding
priority: u=3,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8ea61d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1008
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 YoutubePlayButton_white.svg
i74686972646d696c6co6f7267z.oszar.com/img/3rdParty/ 1 KB
1 KB 926ms
922ms Image
image/svg+xml 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/3rdParty/YoutubePlayButton_white.svg
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 50c490a299a311a7531bc8f0374b3230abf93baf8260a60a9dce24f7c3c45a20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "d46d3c8f1b8d41
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rGyNtDE3lZhEf0ZeQXFTELLe1t2BRbRjOkbczs1RvwtIN7jdT%2FUzYi2NC%2FrN2qI8avg3%2Fb5dwWzK77%2BJ9xbSjv0IFikcCPzPT1LHj4HQ3Sj9uC98YZE5jA0PePyg772KTqGP0MN%2BQ3SW6B6pwRWD5ECWO6AVGB9V"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=49064&sent=33&recv=42&lost=0&retrans=0&sent_bytes=23762&recv_bytes=18696&delivery_rate=15271&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3311&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Jan 2019 18
vary: Origin,Accept-Encoding
priority: u=3,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8eaa1d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 695
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 ECFA_logo_2color.png
i74686972646d696c6co6f7267z.oszar.com/img/ 175 KB
175 KB 1706ms
1703ms Image
image/png 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/ECFA_logo_2color.png
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0cb2ec1d4c1d867fcdabcc4e0e40ca2d1d7d05667b93fe323e1c606c9b84c4dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cf-cache-status: MISS
etag: "d6d3c846d02bdb1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bnCCBVpHX5%2BIe9tJssyY%2BGM8iDRXiLLiYaMdfHg2mYqwo3PG3sReuHzIgZ6I1sFHOi8mUW6Df6vpBwv4Jmeaabh6uxBUlFbRuyJKJiCriuoiw%2BYsgtTSZHMws5%2BsOiDwfLfxWLZ86Qqy3p3Pm801k7A425nu4JP8"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48120&sent=472&recv=124&lost=0&retrans=0&sent_bytes=512285&recv_bytes=24637&delivery_rate=676140&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=4092&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:03 GMT
content-type: image/png
last-modified: Thu, 31 Oct 2024 20
vary: Origin, Accept-Encoding
priority: u=3,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8eae1d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 178973
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 candid-guidestar-seal-platinum-2023.png
i74686972646d696c6co6f7267z.oszar.com/img/ 16 KB
16 KB 1090ms
1087ms Image
image/png 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/candid-guidestar-seal-platinum-2023.png
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6c4205e167c52e4b78f630e1538c9b95618676cec472e4149794f128faf51bb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cf-cache-status: MISS
etag: "a643c546d02bdb1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ine18jKmstJHCyu9sRyPiaAH%2FnM8z0kH5rqnE5zSmmceydf7K9SuPowKJUhH8p6SqnqN3%2F5WEYQmRBxcZqdzeAyjxiMSxnbATZ8NqXOR0OXZpowkrGtNvQyPFqGSwpHksxakLOAJkpDCFZ18aDQ4kRBYiO%2BsyLAv"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54790&sent=56&recv=52&lost=0&retrans=0&sent_bytes=44745&recv_bytes=19742&delivery_rate=198427&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3469&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/png
last-modified: Thu, 31 Oct 2024 20
vary: Origin, Accept-Encoding
priority: u=3,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fdef521d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15942
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 charityNav_four_star_rating_badge.svg
i74686972646d696c6co6f7267z.oszar.com/img/ 8 KB
3 KB 1002ms
1000ms Image
image/svg+xml 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/charityNav_four_star_rating_badge.svg
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3f86856875f9a25abab2f9856bc0ada9cea489b9220f967985405dfc02f89b68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "e8e4c546d02bdb1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BsJNN2JMJk%2FtOZKnVOfltQCe6vH59aFbmrZuZ8w6U3JDKRSv0EvdeAssgWIki8JUvD7CFjmG0tJumYlDpHoOOQjjOVI7UXOqIix1jJWAALsCtswOwocj8rBXzGimlighB%2BJtX2keF4HwxEjxV4Vj6TdIlrMVOl8k"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48851&sent=42&recv=43&lost=0&retrans=0&sent_bytes=31542&recv_bytes=18739&delivery_rate=30788&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3389&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/svg+xml
last-modified: Thu, 31 Oct 2024 20
vary: Origin,Accept-Encoding
priority: u=3,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8eb01d78-ATL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2650
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 EIG_Certified_Transparent_Logo.png
i74686972646d696c6co6f7267z.oszar.com/img/ 35 KB
36 KB 1299ms
1297ms Image
image/png 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/EIG_Certified_Transparent_Logo.png
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 297026c59a36bf2926c7da933b7440420d8b62b263556751aa750a8f87b569a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cf-cache-status: MISS
etag: "8bf8c646d02bdb1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jnvXNK3foxRWofI24EULSBxjbAcXW1ZTRsVd1XS22g5qh%2BYFvFJ%2FXJ42uuCkEgCDdiZSUhQbM8WJGknyQayAITx7qI0R91lJpkdcVE9WaulRz7qdl8W7%2Fqn%2FnASZQ4BcoFfg5gMaQWGq6%2F6ww%2FpDINrRLEZcpZU"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=68242&sent=126&recv=73&lost=0&retrans=0&sent_bytes=122064&recv_bytes=20663&delivery_rate=509120&cwnd=36300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3645&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: image/png
last-modified: Thu, 31 Oct 2024 20
vary: Origin, Accept-Encoding
priority: u=3,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4455fd8eb11d78-ATL
access-control-allow-origin: *
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 gtm.js Show response
i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/ 302 KB
104 KB 1191ms
1189ms Script
application/javascript 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/gtm.js?id=GTM-P82RXW6

Requested by

Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

d39b3919ebddb766b263997783ebb24ac10fcd00294a0aa2b7ab7a7ca6a1923e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"group"
expires: Mon, 18 Nov 2024 01
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=61457&sent=73&recv=62&lost=0&retrans=0&sent_bytes=63076&recv_bytes=20174&delivery_rate=375259&cwnd=24000&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=3579&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 18 Nov 2024 00
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
priority: u=3,i=?0
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https
cf-ray: 8e4455fd8eb21d78-ATL
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
x-xss-protection: 0
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H3 200 email-decode.min.js Show response
i74686972646d696c6co6f7267z.oszar.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 54ms
52ms Script
application/javascript 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i74686972646d696c6co6f7267z.oszar.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"673379cd-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gOckZ6UQkdtuWKdgWgcm%2BXodH9AOTMDduIv7m%2F%2FMO7F8LXQSd8FJCcPvwkrAv3DqQItdDwktFwXQdxOaMAa91HgLVR9SsOLcqSgH3INUpwIhNDen0V9Rk3T3OLiA5a02gcdXovk07H7exI51zWgSx6AjupRNHJ3T"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e4455fdcf231d78-ATL
expires: Wed, 20 Nov 2024 01:55:01 GMT
date: Mon, 18 Nov 2024 01:55:01 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 15:52:45 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 128ms
55ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://i74686972646d696c6co6f7267z.oszar.com
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e4455fe2ecf5c79-MIA
access-control-allow-origin: *
date: Mon, 18 Nov 2024 01:55:01 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 325 KB
108 KB 219ms
78ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PNFHQ1FTKQ

Requested by

Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7ffa244e2e1019f3bd56eea6e33baaad167ee1eee969025ded4987bb6638686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 18 Nov 2024 01:55:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 01:55:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110119
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 TMI_WebBanner-50.jpg
i74686972646d696c6co6f7267z.oszar.com/img/banner/ 87 KB
87 KB 1528ms
1527ms Image
image/jpeg 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/banner/TMI_WebBanner-50.jpg
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bf825304f076f1120b99f10ae268a1794f28163e3f8f194d176234cf212a4720

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cf-cache-status: MISS
etag: "cad6de2414c1d71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yWNqP72wmN%2BVSmBYzlHAtv5wiLeh%2FIieqoGIfA3dELWlyypG1pNCdsuXAVPKj6B9iEu3iYGNE28k92s58srv3udDHRTd1YxUJZTXZB%2FMBplb8NjarW49BLtOd4FhiJJqX3JS1PYAAnrchg62JMytUWs2oBtoVq24"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47558&sent=656&recv=169&lost=0&retrans=0&sent_bytes=709318&recv_bytes=50051&delivery_rate=60957&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=4937&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:03 GMT
content-type: image/jpeg
last-modified: Thu, 14 Oct 2021 15
vary: Origin, Accept-Encoding
priority: u=3,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e445603fb5f1d78-ATL
access-control-allow-origin: *
x-powered-by: ASP.NET
server: cloudflare

POST
H3 200 collect
i777777o676f6f676c65o636f6dz.oszar.com/ccm/ 15 B
759 B 443ms
432ms Ping
text/html 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i777777o676f6f676c65o636f6dz.oszar.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com%2F&scrsrc=i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com&frm=0&rnd=1423146479.1731894903&auid=1517471910.1731894903&npa=0&gtm=45He4bc0v894706512za204&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&tft=1731894902726&tfd=3820&apve=1
Requested by: Host: i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
URL: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/gtm.js?id=GTM-P82RXW6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.18
Resource Hash: 6bd6d6803e0a9191ec775bb646dc32a1dba2c3043be403b5e042fda1238c0cda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

access-control-expose-headers: *
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gXfeGhCI4znLO7Hn931gbKo%2BHHCElMnwA8VGy48CJTSdGT9FdHK6%2FBPeIhc7C8g3MBCJC9xfcMIe2qE4FwmlL18gvL9tWzsGx5EHKK8d3ofLBIsfsrDZm4CZxCTuaMUjPXZttB5fkXpXnqLvXJ4oebnMbnGdYJiMTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47263&sent=627&recv=132&lost=0&retrans=0&sent_bytes=696143&recv_bytes=25002&delivery_rate=409799&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=4210&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=4,i
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e4456064f381d78-ATL
refresh: 2;
access-control-allow-origin: https://i74686972646d696c6co6f7267z.oszar.com
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
88 KB 89ms
88ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-15408218&l=dataLayer&cx=c&gtm=45He4bc0v894706512za204

Requested by

Host: i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
URL: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/gtm.js?id=GTM-P82RXW6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67bb6712b644e88b22156f63776041155a35d551f3f3a9801d990d116f000bed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 18 Nov 2024 01:55:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 18 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89597
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 23381837.js Show response
i6a73o68732d73637269707473o636f6dz.oszar.com/ 1 KB
2 KB 585ms
573ms Script
application/javascript 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i6a73o68732d73637269707473o636f6dz.oszar.com/23381837.js

Requested by

Host: i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
URL: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/gtm.js?id=GTM-P82RXW6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

2f38151e2bac87389d6b7770e9ea29297db35613dc20011d9992e680113aec0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJw%2F7J8TRbe0sBVDZklXI8HxsZO9GFSqBt9CEgBzAiOjNq2K925Gp%2BsZR%2BJbWvYrJkG8l17Tzr6y2LYgkXbucvpM0SdASDWeDhE7JsnAD5xZw6cEsSsU4LpE%2B7sXJJLpQhnfyvI1RReyOVjqC7S1cs%2BOjRcdjuKEb13x9%2Bz7sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 01
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48318&sent=628&recv=143&lost=0&retrans=0&sent_bytes=696926&recv_bytes=25497&delivery_rate=1832337&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=4357&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:03 GMT
x-hubspot-correlation-id: eef68115-64f4-4d3a-b5e8-206a83e29ee2
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding,Accept-Encoding
last-modified: Mon, 18 Nov 2024 01
priority: u=3,i=?0
cache-control: public, max-age=90
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e4456064f4e1d78-ATL
accept-ranges: bytes
access-control-allow-origin: https
content-length: 586
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 391 KB
127 KB 103ms
102ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GPYGBDJZE1&l=dataLayer&cx=c&gtm=45He4bc0v894706512za204

Requested by

Host: i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
URL: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/gtm.js?id=GTM-P82RXW6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4917ec69b98db3826c307b8b6183cb65107d80b54e29de100746ef3dc3f518a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 18 Nov 2024 01:55:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 01:55:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 130406
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 sw_iframe.html Show response
i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/static/service_worker/4al0/ Frame 76D3 5 KB
3 KB 640ms
639ms Document
text/html 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com

Requested by

Host: i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
URL: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/gtm.js?id=GTM-P82RXW6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

cb5615bb5a20616d0e7d29d947c8fe8a73117c29f88ce5cc6fc52b5c2cc18fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
cf-ray: 8e4456066f731d78-ATL
content-encoding: zstd
content-type: text/html;charset=UTF-8
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Nov 2024 01:55:03 GMT
expires: Tue, 18 Nov 2025 01
last-modified: Mon, 21 Oct 2024 16
priority: u=0,i
report-to: {"group"
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=48051&sent=631&recv=146&lost=0&retrans=0&sent_bytes=698821&recv_bytes=26428&delivery_rate=32202&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=4439&x=1" cfExtPri cfHdrFlush;dur=0
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: PHP/8.2.18
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 217ms
76ms Fetch
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-15408218&gtm=45je4bc0z8894706512za200zb894706512&_p=1731894901341&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855~102081484&cid=776506590.1731894903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731894902&sct=1&seg=0&dl=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com%2F&dt=thirdmill.org%3A%20Biblical%20Education.%20For%20the%20World.%20For%20Free.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4010
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15408218&l=dataLayer&cx=c&gtm=45He4bc0v894706512za204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://i74686972646d696c6co6f7267z.oszar.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 01:55:03 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
analytics.google.com/g/ 0
0 211ms
75ms Fetch
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-GPYGBDJZE1&gtm=45je4bc0v892224428za200zb894706512&_p=1731894901341&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=776506590.1731894903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1731894902&sct=1&seg=0&dl=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com%2F&dt=thirdmill.org%3A%20Biblical%20Education.%20For%20the%20World.%20For%20Free.&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4064
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GPYGBDJZE1&l=dataLayer&cx=c&gtm=45He4bc0v894706512za204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://i74686972646d696c6co6f7267z.oszar.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 01:55:03 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
570 B 186ms
63ms Ping
text/plain 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GPYGBDJZE1&cid=776506590.1731894903&gtm=45je4bc0v892224428za200zb894706512&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067554~102067808~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GPYGBDJZE1&l=dataLayer&cx=c&gtm=45He4bc0v894706512za204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://i74686972646d696c6co6f7267z.oszar.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 01:55:03 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 09AE 0
0 223ms
79ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-GPYGBDJZE1&gacid=776506590.1731894903&gtm=45je4bc0v892224428za200zb894706512&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067554~102067808~102077855&z=1529631809

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GPYGBDJZE1&l=dataLayer&cx=c&gtm=45He4bc0v894706512za204

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i74686972646d696c6co6f7267z.oszar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Nov 2024 01:55:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 banner.js Show response
i6a73o68732d62616e6e6572o636f6dz.oszar.com/v2/23381837/ 71 KB
24 KB 792ms
781ms Script
text/javascript 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i6a73o68732d62616e6e6572o636f6dz.oszar.com/v2/23381837/banner.js
Requested by: Host: i6a73o68732d73637269707473o636f6dz.oszar.com
URL: https://i6a73o68732d73637269707473o636f6dz.oszar.com/23381837.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.18
Resource Hash: c37a1cfab1ee181d47173ddbbf744d6aca69504f3d9c8ad76cc98df0b05383d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

x-request-id: e299a50a-2309-4560-a194-9004b6c70c04
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: BYPASS
etag: W/"a22e34e117291edf260d7db921e1f40f"
x-amz-version-id: fDfOBVQ2W4DWYrX11VRQ5uy14ZpP60Po
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6G%2Bj8Nh4uzlzNebzrSjzbrZLFmACRJ4xMfAC3Gb77E%2FB%2Fsb9FD5ZLk0hwj4DgdZL9%2FEUtz8R%2FC5nZ%2BXJ03BOfZNRjz0IPD5T9RwGW3a1VMPlwGtpU18Y0vPXn6MbSgd7gYkEEyktz1wFxU0hyiijwMLlGoZ63g2NABRvbXE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
server-timing: cfL4;desc="?proto=QUIC&rtt=48467&sent=758&recv=182&lost=0&retrans=0&sent_bytes=827887&recv_bytes=50634&delivery_rate=402001&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=5153&x=1", cfExtPri, cfHdrFlush;dur=0
x-hubspot-correlation-id: e299a50a-2309-4560-a194-9004b6c70c04
content-type: text/javascript; charset=UTF-8
last-modified: Tue, 29 Oct 2024 13
priority: u=3,i=?0
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-g6f22
x-envoy-upstream-service-time: 29
x-amz-request-id: AZJ09K6E8G6281N2
accept-ranges: bytes
content-length: 21784
x-powered-by: PHP/8.2.18
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Mon, 18 Nov 2024 02
date: Mon, 18 Nov 2024 01:55:04 GMT
vary: origin, Accept-Encoding,Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-amz-id-2: lTb0Hq783wlwTso8Ybte0VAVUZOE9hKcy/JZp4+opBdfmFDN8vN9Vuh5Tum1YICmYIn2VvopmZ3xFwJn3afkLESSsMAFeJTV
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8e445609fd361d78-ATL
access-control-allow-origin: https
x-evy-trace-route-configuration: listener_https/all

GET
H3 200 23381837.js Show response
i6a73o68732d616e616c7974696373o6e6574z.oszar.com/analytics/1731894900000/ 68 KB
22 KB 687ms
677ms Script
text/javascript 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i6a73o68732d616e616c7974696373o6e6574z.oszar.com/analytics/1731894900000/23381837.js
Requested by: Host: i6a73o68732d73637269707473o636f6dz.oszar.com
URL: https://i6a73o68732d73637269707473o636f6dz.oszar.com/23381837.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.18
Resource Hash: 64300d67f06576fb0ff9d0c8c02cc2152be3f6204a01c91c890534bb419b79d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

x-request-id: f8eec063-2585-4557-a154-fb29d1e5a759
content-encoding: gzip
cf-cache-status: BYPASS
etag: W/"4e387d554fd9778047af9450476da84e"
x-amz-version-id: null
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xuoDM0WvIY%2BkyDtyBeeFnZSz3%2FF8vlUMKkhchzZGXS%2BRGDH5ZBhXRn%2BmsgLRh63IN%2FhjTkLT3BZiISDpD69l5GCJgotoAKYNkCg99mGlKfpK%2BMbQQDg6uHiHIWrc2bGVfc5snTzntZU8MRKEqIty1v8rNJxjXz%2Bmw6%2FGK9elX69QVus%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
server-timing: cfL4;desc="?proto=QUIC&rtt=48670&sent=737&recv=178&lost=0&retrans=0&sent_bytes=804823&recv_bytes=50452&delivery_rate=923720&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=5048&x=1", cfExtPri, cfHdrFlush;dur=0
x-hubspot-correlation-id: f8eec063-2585-4557-a154-fb29d1e5a759
content-type: text/javascript;charset=UTF-8
last-modified: Wed, 13 Nov 2024 16
priority: u=3,i=?0
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-8xq2m
x-envoy-upstream-service-time: 26
x-amz-request-id: M4ZX7WPD0Y746MDS
accept-ranges: bytes
content-length: 20832
x-powered-by: PHP/8.2.18
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
expires: Mon, 18 Nov 2024 02
date: Mon, 18 Nov 2024 01:55:03 GMT
vary: origin, Accept-Encoding,Accept-Encoding
x-amz-id-2: 378oLw4tBam4fvX85IVtFgkFKZz0KjAv/sAnS39WYnHR34hPETDKjA0wiHsGW6Hp3thDqGMHinw=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8e445609fd351d78-ATL
x-evy-trace-route-configuration: listener_https/all

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 76D3 19 KB
0 0ms
0ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
URL: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
Referer: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e4455fe2ecf5c79-MIA
access-control-allow-origin: *
date: Mon, 18 Nov 2024 01:55:01 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3

200

main.js Show response
i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame AFCB
Redirect Chain

https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
5 KB

58ms
57ms

Script
application/javascript

172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/

Protocol

Server

172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2837bd0813fd31571c01ef5ca4649efabdb7e96eb70a97a0810d402b3da1d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LDYp1m80lMBOsgl0XhCnaHcZE4n7yfcS5HCtB4j%2BLmIUpT39sssjfibtbgLQZ%2F47A%2B59T%2FmERVaHQs4xuexGKtGvdYcyPfTWNGkiE4twSMZ0i%2FGuWc0I5zpRGFaUIaVEe0nhugfxDPypmCRJd%2BObvVXV1xFmPxaYBOQRNPYp1o6jYm2ZPaPhw6cCy8md"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e44560b883c1d78-ATL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47681&sent=642&recv=153&lost=0&retrans=0&sent_bytes=703177&recv_bytes=32106&delivery_rate=9539&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=4677&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9%2FfwMj3j0ChPYjizUBbF9QgHtbDlxhmDh8R%2BXGEWU05vzDOE79vHaWZN29K03f%2BXSdhPfrM6ksIRh6oQ9zWE7n1VVfhIhf4l1%2BNKM3P5%2FWQviin8t31PCck87%2FE4Bx8JOaP738tLx1XaK8GpX5msdwbMb%2BzO5GzrDKJP70qsfv9NipgV3yt45wXjXwE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e44560b1f6d1d78-ATL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=47914&sent=639&recv=152&lost=0&retrans=0&sent_bytes=702199&recv_bytes=31303&delivery_rate=42696&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=4620&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:03 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 204 rum Show response
i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/cdn-cgi/ Frame 76D3 0
172 B 91ms
90ms XHR
text/plain 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e44560b1f791d78-ATL
access-control-allow-origin: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
date: Mon, 18 Nov 2024 01:55:03 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

POST
H3 200 8e4456066f731d78 Show response
i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame AFCB 0
1 KB 89ms
79ms XHR
text/plain 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e4456066f731d78
Requested by: Host: i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
URL: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xQd3M2YtisVlWjdSY1z0cuyW2nc1nVakbR3z1ZZSL16ufXL3SCFqcWQXe2iTjXxScS2FOIVyPWaLz0kXjAftUCXoyXbSgLkjbc0HMOAQ7MirffYF1grYJp%2FMn0rK41yhjHFTZFCtnjLFWj9%2B77hUhYGiKsvWMnEr6L%2BdBggMaF%2FuNXU89iwPFpRxYluG"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e44560caaa01d78-ATL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47558&sent=654&recv=169&lost=0&retrans=0&sent_bytes=708084&recv_bytes=50051&delivery_rate=60957&cwnd=129300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=4893&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 18 Nov 2024 01:55:03 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/23381837/55513ee1-14f8-4207-8415-1e76a54eec20/ 5 KB
3 KB 140ms
97ms XHR
application/json 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/23381837/55513ee1-14f8-4207-8415-1e76a54eec20/json?hs_static_app=forms-embed&hs_static_app_version=1.6227&X-HubSpot-Static-App-Info=forms-embed-1.6227

Requested by

Host: i6a73o6873666f726d73o6e6574z.oszar.com
URL: https://i6a73o6873666f726d73o6e6574z.oszar.com/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0340bf0e84a43065a428069ddc632c9a2a68283249634b89149fb78a461cbca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: d3c57a7d-c917-400d-8c8e-77d3ec3084d4
access-control-expose-headers: X-Origin-Hublet
content-encoding: gzip
cf-cache-status: DYNAMIC
x-origin-hublet: na1
access-control-allow-methods: OPTIONS, GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Mon, 18 Nov 2024 01:55:07 GMT
x-hubspot-correlation-id: d3c57a7d-c917-400d-8c8e-77d3ec3084d4
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-b8czt
x-envoy-upstream-service-time: 20
access-control-allow-credentials: false
cf-ray: 8e4456229f19ed32-MIA
access-control-allow-origin: https://i74686972646d696c6co6f7267z.oszar.com
x-evy-trace-route-configuration: listener_https/all
content-length: 1903
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 Teacher_teaching_group.jpg
i74686972646d696c6co6f7267z.oszar.com/img/2020/ 48 KB
49 KB 1127ms
1126ms Image
image/jpeg 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/img/2020/Teacher_teaching_group.jpg
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aa99dd1db7ebc3ac921c07f3615a860b394000ec0ffea002f0b05d4f41be8f99

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cf-cache-status: MISS
etag: "dfbcb31d754d71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vqpHGbbUlyKBlPctJPAb53jadAWWSMG5HTfnanIig9%2FbFCsqZmEigoE5EA0R3cHsB3SNeNURFFHF0CKSSfabZqY3W%2BG%2Fz36Nzsy%2F38ifwXSk3IEOVmYyURqTxfk4Wy8O0zfz8%2BKz6%2FRCEqWUWz3Zq1iNdNCnmGDK"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48820&sent=1002&recv=232&lost=0&retrans=1&sent_bytes=1090858&recv_bytes=76929&delivery_rate=27224&cwnd=141300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=9416&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:08 GMT
content-type: image/jpeg
last-modified: Fri, 28 May 2021 21
vary: Origin, Accept-Encoding
priority: u=3,i
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4456227a831d78-ATL
access-control-allow-origin: *
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 325 KB
108 KB 87ms
87ms Script
application/javascript 142.251.35.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PNFHQ1FTKQ&l=dataLayer&cx=c&gtm=45He4bc0v894706512za204

Requested by

Host: i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
URL: https://i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/gtm.js?id=GTM-P82RXW6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.168 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

84798dc308f6358801d02f628d395213cad1a04d1db26f628efb1d0bd1c98e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 18 Nov 2024 01:55:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 01:55:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110124
x-xss-protection: 0
server: Google Tag Manager

GET
H3

200

main.js Show response
i74686972646d696c6co6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame D583
Redirect Chain

https://i74686972646d696c6co6f7267z.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://i74686972646d696c6co6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

58ms
57ms

Script
application/javascript

172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i74686972646d696c6co6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/

Protocol

Server

172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de8e26a8f69b9193ef5a780935bab6fd3c7b1a55eeed77502f6cd54f18fce7c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i16TkbkDXjtT81e6MfDuDIUamFhlCr0HpNMIUYcBXR%2BWk0JOcsicHWB%2BwKCQ36vuEVh2dZBYtl2xOhZLzwLL7s4bjd8CBxuVJ4buGd0oNqSeFWCRjZS%2BHTDZB%2FCcKCipIFdDwgRCE1M%2F1ObdnIW7f%2BCiW%2FN1eJ6F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e4456231bad1d78-ATL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=52331&sent=923&recv=204&lost=0&retrans=1&sent_bytes=1018847&recv_bytes=55623&delivery_rate=47638&cwnd=141300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=8446&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2AGiHcMw7DRaIl5MukOU9FHrDTLJy9sV%2B0MAQOeva59GLFKNHgUstuSmy2RPIQ2fWeePvO5eRloyRefGvhOD5gO8auSn8K9oFLDKMjYRAmBUOEjB5akTMdbO5gvBu24t18919FaIeCGkmfKsfHHwdHiehbTrY36f"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e445622aadb1d78-ATL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=53868&sent=920&recv=201&lost=0&retrans=1&sent_bytes=1018072&recv_bytes=53622&delivery_rate=2659871&cwnd=141300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=8386&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:07 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 79ms
77ms Fetch
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PNFHQ1FTKQ&gtm=45je4bc0v9137753640za200zb894706512&_p=1731894901341&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855&cid=776506590.1731894903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731894907&sct=1&seg=0&dl=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com%2F&dt=thirdmill.org%3A%20Biblical%20Education.%20For%20the%20World.%20For%20Free.&en=page_view&_fv=1&_ss=1&_ee=1&tfd=8397
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PNFHQ1FTKQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://i74686972646d696c6co6f7267z.oszar.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 01:55:07 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 boomerang.min.js Show response
i63646eo666561746872o636fz.oszar.com/js/ 189 KB
60 KB 598ms
587ms Script
text/javascript 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i63646eo666561746872o636fz.oszar.com/js/boomerang.min.js
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.18
Resource Hash: 6e1ee5ff9cbf87a9dcfb21ef9e6de7ab9a61a135bc57bc9cd4755581305706ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
x-amz-version-id: t9VeB9LtEBiqscsCPVbCsL1KRthXw33S
etag: W/"bc0a9ef390de0ab7c2b8deaad5a6b82e"
report-to: {"endpoints"
server-timing: cfL4;desc="?proto=TCP&rtt=5211&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2800&recv_bytes=954&delivery_rate=487686&cwnd=242&unsent_bytes=0&cid=5f37fbb6c30d9214&ts=36&x=0", cfL4;desc="?proto=QUIC&rtt=50925&sent=944&recv=223&lost=0&retrans=1&sent_bytes=1025098&recv_bytes=75662&delivery_rate=5358&cwnd=141300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=8948&x=1", cfExtPri, cfHdrFlush;dur=0
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 01:55:07 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 21 Jun 2024 01
x-amz-id-2: ekZSw7lq0nMtG900Ow5qHch8y0Np8YQQfzUGPLBsHDHo81aVfFVnHhhHu1Ux4QLP8yb/fIQvhUk=
priority: u=3,i=?0
cache-control: max-age=14400
nel: {"success_fraction"
x-amz-request-id: FARB7BJTNAKJSA6N
cf-ray: 8e445622eb6f1d78-ATL
accept-ranges: bytes
content-length: 59893
x-powered-by: PHP/8.2.18
server: cloudflare

GET
H3 200 counters.gif
i666f726d73o6873666f726d73o636f6dz.oszar.com/embed/v3/ 35 B
2 KB 632ms
624ms Image
image/gif 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i666f726d73o6873666f726d73o636f6dz.oszar.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

x-robots-tag: none
x-request-id: 79ba19ed-38c3-4898-98ef-0ade2fca9470
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwogZk5b4nVSiGUn2Smdkdd6seddizsYfaWDZYOmgZD916XDUS%2F50%2FJqU0DamScvkMhjcNhzJo0X6Xv1ogs5KXuNbWy2uzMOEdJl6wnXbs3RUV8TKexroepOg%2FHOb293xvvLzdbcxzljj7nu5IKkHyHEjq9TCg01ZLjOauaMpA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
server-timing: cfL4;desc="?proto=QUIC&rtt=49420&sent=997&recv=228&lost=0&retrans=1&sent_bytes=1087548&recv_bytes=75883&delivery_rate=506519&cwnd=141300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=9065&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:07 GMT
x-hubspot-correlation-id: 79ba19ed-38c3-4898-98ef-0ade2fca9470
content-type: image/gif
vary: origin, Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-6gcth
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8e4456236c371d78-ATL
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
x-powered-by: PHP/8.2.18
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 counters.gif
i666f726d73o6873666f726d73o636f6dz.oszar.com/embed/v3/ 35 B
2 KB 706ms
705ms Image
image/gif 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i666f726d73o6873666f726d73o636f6dz.oszar.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.18

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

x-robots-tag: none
x-request-id: dc3c5f01-3542-4c7c-810c-6bcc9ac2d4bd
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4PsgTvxAVQU9B5HavcWeOIh7g%2FG5Cmkt30o%2F4JgyV6G8TNaopVmnf%2FbgkVwGB8vZ0CYyhaThd%2FGlB2jEqFwfha%2Bmg3gvLy%2B6%2F8Q2dct%2FgD8SRIgJihdryoW1448msa1Sxc1Cg0jMEcPiy5IXTnxYrcnlB%2FTOvxgk1Hu%2BueoiVg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
server-timing: cfL4;desc="?proto=QUIC&rtt=48842&sent=1000&recv=231&lost=0&retrans=1&sent_bytes=1089215&recv_bytes=76884&delivery_rate=159401&cwnd=141300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=9167&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 01:55:08 GMT
x-hubspot-correlation-id: dc3c5f01-3542-4c7c-810c-6bcc9ac2d4bd
content-type: image/gif
vary: origin, Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-xrw7l
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8e4456238c8e1d78-ATL
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
x-powered-by: PHP/8.2.18
server: cloudflare
x-evy-trace-virtual-host: all

POST
H3 200 8e4455eebcf81d78 Show response
i74686972646d696c6co6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame D583 0
1 KB 79ms
68ms XHR
text/plain 172.67.220.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i74686972646d696c6co6f7267z.oszar.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e4455eebcf81d78
Requested by: Host: i74686972646d696c6co6f7267z.oszar.com
URL: https://i74686972646d696c6co6f7267z.oszar.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.220.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pbtW8%2B18E%2B0sDnShZU8xE4WTNxdPPITb9WkXS09uutibNrSDj8mh%2BaKIky9Pkx5SF407jvJIgOKNAYEncyNOhTIK%2Fw2jlGohSQHpkRHXk4f%2FzuonltyNHdRlkz8C%2BvrQbNq0lotGtukb5aN9ZyTFBzTXdEKNXB6s"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e4456245e221d78-ATL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=51656&sent=943&recv=222&lost=0&retrans=1&sent_bytes=1023906&recv_bytes=75617&delivery_rate=70435&cwnd=141300&unsent_bytes=0&cid=33a35c8d81c85ee9&ts=8675&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 18 Nov 2024 01:55:07 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H2 200 integrations Show response
polo.feathr.co/v1/accounts/63333146e71b502d20454c6d/ 43 B
848 B 161ms
85ms XHR
application/json 2606:4700:20::ac43:4415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/63333146e71b502d20454c6d/integrations

Requested by

Host: i63646eo666561746872o636fz.oszar.com
URL: https://i63646eo666561746872o636fz.oszar.com/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4415 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f100675cb597df4d9c18d390963b0062703e5d617244ccdd494beb39037190d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m1xwryhKjkjfCdgH%2FOshciwVDzM6CXho0zkW1GIGsU73y288QVK%2BEJexXVWrByaowTA2n0Adt5Q8IAvEqA1raKGmZ4NBMaalNWR1ePHNripB%2B8POPAilNSYFNLwFiuicPgLUJWXMRKgCZ6LU"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e445627a8ffa675-MIA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=31546&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4003&recv_bytes=2356&delivery_rate=125983&cwnd=254&unsent_bytes=0&cid=456ee892f3904559&ts=91&x=0"
content-length: 43
date: Mon, 18 Nov 2024 01:55:08 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: AccountId, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Range, ReportObject, ReportType, User-Agent, X-API-Key, X-Requested-With

GET refresh
i6d6172636fo666561746872o636fz.oszar.com/v1/ 0
0

GET
H2 200 script.js Show response
polo.feathr.co/v1/analytics/match/ 290 B
988 B 160ms
95ms Script
text/javascript 2606:4700:20::ac43:4415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/analytics/match/script.js?a_id=63333146e71b502d20454c6d&pk=feathr

Requested by

Host: i63646eo666561746872o636fz.oszar.com
URL: https://i63646eo666561746872o636fz.oszar.com/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4415 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

388275754308d75c604525a7fa48f07b256e5c782ab69f7ce4ca3f80172c013d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"673a9e808fb63ec4e6184695"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2m3uR5HqkMnWZV1BXyxORVK6mm%2FfV1J3mFm2S05uVu%2Fm31dwUPPUPsm%2BAGHO1%2BedxTM2eVXNRnxrtPcm1TbMG6aajHQD86YUe6hN%2FNu7MSXfYF5XeYAuSzwUnTdZJnhzMnUUHo%2BU%2Fhk8guc"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=30672&sent=6&recv=13&lost=0&retrans=0&sent_bytes=3981&recv_bytes=2417&delivery_rate=128449&cwnd=253&unsent_bytes=0&cid=1da67a923096c9e2&ts=96&x=0"
date: Mon, 18 Nov 2024 01:55:12 GMT
content-type: text/javascript
access-control-allow-headers: AccountId, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Range, ReportObject, ReportType, User-Agent, X-API-Key, X-Requested-With
cache-control: max-age=0,must-revalidate,no-cache,private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e4456406f49a51e-MIA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 pixel.js Show response
polo.feathr.co/v1/accounts/63333146e71b502d20454c6d/ 32 B
445 B 190ms
125ms Script
text/javascript 2606:4700:20::ac43:4415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/63333146e71b502d20454c6d/pixel.js?pk=feathr

Requested by

Host: i63646eo666561746872o636fz.oszar.com
URL: https://i63646eo666561746872o636fz.oszar.com/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4415 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cache-control: must-revalidate, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WtP4CeLSu9dbsW3y76oA3ZLFdBYQYugnI8aD7FGfRX%2BcSHfTvk37fbe9JlSUOTgATT%2BBYMj3X2Og5uSdWtOGAeMWEwQxRhmWf7A3a12R8fnMVUS94L19BG7MkOKgpFjWhR63fGmKZvZVnhI%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e4456406f4ca51e-MIA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=30672&sent=12&recv=13&lost=0&retrans=0&sent_bytes=5846&recv_bytes=2417&delivery_rate=128449&cwnd=253&unsent_bytes=0&cid=1da67a923096c9e2&ts=127&x=0"
content-length: 32
date: Mon, 18 Nov 2024 01:55:12 GMT
content-type: text/javascript
server: cloudflare
access-control-allow-headers: AccountId, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Range, ReportObject, ReportType, User-Agent, X-API-Key, X-Requested-With

GET
H2 200 pixel.js Show response
polo.feathr.co/v1/accounts/63333146e71b502d20454c6d/integrations/facebook/ 512 B
745 B 176ms
112ms Script
text/javascript 2606:4700:20::ac43:4415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/63333146e71b502d20454c6d/integrations/facebook/pixel.js?pk=feathr

Requested by

Host: i63646eo666561746872o636fz.oszar.com
URL: https://i63646eo666561746872o636fz.oszar.com/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4415 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e72cd0a631e419d21fa99b3a42432e75e03b695f0009a4181baef6a8705a4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cache-control: must-revalidate, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g2VBcg%2FBYZeJE35%2FWT3NZRebzmRFE%2FoC7nK3qy8ZvO7pU6pOFlcDMfRvxCV130ox1E3xhr70Eln3D8wrZh2YRnUikbgCOrLVyAEWlxsqF%2Bp2xB3xIxShXqgFiW9ttIBf%2FMpO7NqL9GsxYBnG"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e4456406f4aa51e-MIA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=30672&sent=9&recv=13&lost=0&retrans=0&sent_bytes=5035&recv_bytes=2417&delivery_rate=128449&cwnd=253&unsent_bytes=0&cid=1da67a923096c9e2&ts=114&x=0"
date: Mon, 18 Nov 2024 01:55:12 GMT
content-type: text/javascript
server: cloudflare
access-control-allow-headers: AccountId, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Range, ReportObject, ReportType, User-Agent, X-API-Key, X-Requested-With

GET

generic
i6d61746368o616473727672o6f7267z.oszar.com/track/cmb/
Redirect Chain

https://i6d61746368o616473727672o6f7267z.oszar.com/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=673a9e808fb63ec4e6184695&gdpr=0&ttd_passthrough=a_id%3D63333146e71b502d20454c6d
https://i6d61746368o616473727672o6f7267z.oszar.com/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=673a9e808fb63ec4e6184695&gdpr=0&ttd_passthrough=a_id%3D63333146e71b502d20454c6d

0
0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 127ms
63ms Script
application/x-javascript 31.13.71.7

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: polo.feathr.co
URL: https://polo.feathr.co/v1/accounts/63333146e71b502d20454c6d/integrations/facebook/pixel.js?pk=feathr

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 -, , ASN (),

Reverse DNS

Software

Resource Hash

43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-ijslmGi9' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 01:55:12 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-ijslmGi9' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=0, c=23, mss=1232, tbw=4408, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: CVXgm3zcKb6c9zOSWDtBgrM8NA+LrBl9jUFLd8g4wnzaKsBUtIEeIZn0Ni6cEhV2vG9fN0Jjvx3F2hjlRVG7EA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62152
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 3507397202824136 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 141ms
140ms Script
application/x-javascript 31.13.71.7

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3507397202824136?v=2.9.177&r=stable&domain=i74686972646d696c6co6f7267z.oszar.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 -, , ASN (),

Reverse DNS

Software

Resource Hash

e80094d2ce885713d41ee3b0234b6887dfcaef61ab824e5aaeb879ba6a192786

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-qUTcL8hl' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 01:55:12 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-qUTcL8hl' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=0, c=77, mss=1232, tbw=70934, tp=67, tpl=0, uplat=78, ullat=0
pragma: public
x-fb-debug: 0HJndLkqtgSDXPaqlHwY8fRWlYOHFvbDRmmBZLtT4066YWDkW5dWuxfzBxh5MaTlerOcqPW9WXYR3+YmxBxbAg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 crumb
polo.feathr.co/v1/analytics/ 43 B
617 B 97ms
97ms Image
image/gif 2606:4700:20::ac43:4415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://polo.feathr.co/v1/analytics/crumb?cb=58decbc39183f&a_id=63333146e71b502d20454c6d&f_id=673a9e808fb63ec4e6184695&ses_id=673a9e7c632f30a5b284b748&flvr=page_view&loc_url=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com%2F&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4415 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

cache-control: max-age=0,must-revalidate,no-cache,private,no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uukpUF7NecY7YgbEibj0%2FCHjoITNX4sYM7DSO%2F%2FBwP2CKSgIOKMfiPk0ojXJlZQLOZ8koYkqj2yvFtREiK1%2FTgMJJYJp1CXgLsEXscClD7usUnmYlvaiDt1BDxXchAN6KRPQGYHajX3LK204"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e445646683da51e-MIA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=32363&sent=15&recv=18&lost=0&retrans=0&sent_bytes=6357&recv_bytes=2721&delivery_rate=169370&cwnd=257&unsent_bytes=0&cid=1da67a923096c9e2&ts=1064&x=0"
content-length: 43
date: Mon, 18 Nov 2024 01:55:13 GMT
content-type: image/gif
server: cloudflare
access-control-allow-headers: AccountId, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Range, ReportObject, ReportType, User-Agent, X-API-Key, X-Requested-With

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 124ms
59ms Image
text/plain 31.13.71.36

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3507397202824136&ev=ViewContent&dl=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com%2F&rl=&if=false&ts=1731894913020&cd[b_w]=1600&cd[b_h]=1200&cd[s_w]=1600&cd[s_h]=1200&cd[loc_url]=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com%2F&cd[ses_id]=673a9e7c632f30a5b284b748&cd[flvr]=page_view&cd[a_id]=63333146e71b502d20454c6d&cd[debug]=0&cd[bypass_hash]=0&cd[f_id]=673a9e808fb63ec4e6184695&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731894913019.261139530120549204&ler=empty&cdl=API_unavailable&it=1731894912374&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.36 -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=23, mss=1232, tbw=4458, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 18 Nov 2024 01:55:13 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 214ms
150ms Image
image/png 31.13.71.36

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3507397202824136&ev=ViewContent&dl=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com%2F&rl=&if=false&ts=1731894913020&cd[b_w]=1600&cd[b_h]=1200&cd[s_w]=1600&cd[s_h]=1200&cd[loc_url]=https%3A%2F%2Fi74686972646d696c6co6f7267z.oszar.com%2F&cd[ses_id]=673a9e7c632f30a5b284b748&cd[flvr]=page_view&cd[a_id]=63333146e71b502d20454c6d&cd[debug]=0&cd[bypass_hash]=0&cd[f_id]=673a9e808fb63ec4e6184695&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731894913019.261139530120549204&ler=empty&cdl=API_unavailable&it=1731894912374&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.36 -, , ASN (),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i74686972646d696c6co6f7267z.oszar.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438432012951368466"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 01:55:13 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ntH6M+RDdgPNV9uNbJFNlpHVevxc5Jq3Y+yQf2pY9UyX9eT4to7qKoMlmwh46jNEBCr+GaQshJGiGSMiIZ5ZJQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438432012951368466", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=23, mss=1232, tbw=4826, tp=13, tpl=0, uplat=89, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i6d6172636fo666561746872o636fz.oszar.com
URL: https://i6d6172636fo666561746872o636fz.oszar.com/v1/refresh

Domain: i6d61746368o616473727672o6f7267z.oszar.com
URL: https://i6d61746368o616473727672o6f7267z.oszar.com/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=673a9e808fb63ec4e6184695&gdpr=0&ttd_passthrough=a_id%3D63333146e71b502d20454c6d

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.i74686972646d696c6co6f7267z.oszar.com/	1970-01-21 01:04:58	Name: thirdmill_org Value: %7B%22HttpHost%22%3A%22thirdmill.org%22%2C%22HttpDomain%22%3A%22thirdmill.org%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fthirdmill.org%5C%2F%22%2C%22GirisIP%22%3A%22216.98.5.56%22%7D
.i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com/	1970-01-21 01:04:58	Name: googletagmanager_com Value: %7B%22HttpHost%22%3A%22www.googletagmanager.com%22%2C%22HttpDomain%22%3A%22googletagmanager.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2Fgtag%5C%2Fjs%22%2C%22GetVeri%22%3A%22%3Fid%3DG-GPYGBDJZE1%22%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fwww.googletagmanager.com%5C%2Fgtag%5C%2Fjs%3Fid%3DG-GPYGBDJZE1%22%2C%22GirisIP%22%3A%22142.251.140.72%22%7D
.oszar.com/	1970-01-21 03:14:30	Name: _gcl_au Value: 1.1.1517471910.1731894903
.oszar.com/	1970-01-21 10:40:54	Name: _ga_15408218 Value: GS1.1.1731894902.1.0.1731894902.0.0.0
.oszar.com/	1970-01-21 10:40:54	Name: _ga Value: GA1.1.776506590.1731894903
.oszar.com/	1970-01-21 10:40:54	Name: _ga_GPYGBDJZE1 Value: GS1.1.1731894902.1.0.1731894902.60.0.0
.doubleclick.net/	1970-01-21 01:04:55	Name: test_cookie Value: CheckForPermission
.i6a73o68732d73637269707473o636f6dz.oszar.com/	1970-01-21 01:04:58	Name: js_hs-scripts_com Value: %7B%22HttpHost%22%3A%22js.hs-scripts.com%22%2C%22HttpDomain%22%3A%22js.hs-scripts.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2F23381837.js%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fjs.hs-scripts.com%5C%2F23381837.js%22%2C%22GirisIP%22%3A%22104.16.138.209%22%7D
.i6a73o68732d616e616c7974696373o6e6574z.oszar.com/	1970-01-21 01:04:58	Name: js_hs-analytics_net Value: %7B%22HttpHost%22%3A%22js.hs-analytics.net%22%2C%22HttpDomain%22%3A%22js.hs-analytics.net%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2Fanalytics%5C%2F1731894900000%5C%2F23381837.js%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fjs.hs-analytics.net%5C%2Fanalytics%5C%2F1731894900000%5C%2F23381837.js%22%2C%22GirisIP%22%3A%22104.17.175.201%22%7D
.i6a73o68732d62616e6e6572o636f6dz.oszar.com/	1970-01-21 01:04:58	Name: js_hs-banner_com Value: %7B%22HttpHost%22%3A%22js.hs-banner.com%22%2C%22HttpDomain%22%3A%22js.hs-banner.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2Fv2%5C%2F23381837%5C%2Fbanner.js%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fjs.hs-banner.com%5C%2Fv2%5C%2F23381837%5C%2Fbanner.js%22%2C%22GirisIP%22%3A%22104.18.40.240%22%7D
.i6a73o6873666f726d73o6e6574z.oszar.com/	1970-01-21 01:04:58	Name: js_hsforms_net Value: %7B%22HttpHost%22%3A%22js.hsforms.net%22%2C%22HttpDomain%22%3A%22js.hsforms.net%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2Fforms%5C%2Fembed%5C%2Fv2.js%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fjs.hsforms.net%5C%2Fforms%5C%2Fembed%5C%2Fv2.js%22%2C%22GirisIP%22%3A%22104.18.142.119%22%7D
.oszar.com/	1970-01-21 10:40:54	Name: _ga_PNFHQ1FTKQ Value: GS1.1.1731894907.1.0.1731894907.0.0.0
.oszar.com/	1970-01-21 09:50:30	Name: cf_clearance Value: ct92jJkm6Bqm4zMRcD1brV3ABTnue3aC1UTjUepZz3Q-1731894907-1.2.1.1-atRjLuHweR5IMfA3F_1B2KlPLk0sg5XMJVfz9x0qKZy80iJD99QkEUdtYY5rneqrRYl2fbp7Y7f5EFsJToK6HP_AHwGjC91.muFWIHFABw6Ue2GiGPqBc.DVPWJ547g3RR2glZjZMJ1iy3nZUwz05y14jUn9zb4RUVSG0eSpgrvRXGzyVEwF0rDOlJ2y6DmvJWL7TMNpxIgwfkSxAqAllwarD6aLaVhEHNkrYgGC9vOWjhguFSMdGwBE1SIq.W0h21KiVwYbQhKsupp16ZvdI90LV2ieMnKfvAX7GTAZhZBDAOR8sahhQgko2DK9z_SGyR.BC9v8zFb6k0Q8vjOPC4OwrzQfRqt5MCOG7yzaUtZlVsI_HW1ts9p_.bsYnT3m
.i63646eo666561746872o636fz.oszar.com/	1970-01-21 01:04:58	Name: cdn_feathr_co Value: %7B%22HttpHost%22%3A%22cdn.feathr.co%22%2C%22HttpDomain%22%3A%22cdn.feathr.co%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2Fjs%5C%2Fboomerang.min.js%22%2C%22GetVeri%22%3Anull%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fcdn.feathr.co%5C%2Fjs%5C%2Fboomerang.min.js%22%2C%22GirisIP%22%3A%22104.26.14.119%22%7D
.i74686972646d696c6co6f7267z.oszar.com/	1970-01-21 01:04:58	Name: feathr_session_id Value: 673a9e7c632f30a5b284b748
.i666f726d73o6873666f726d73o636f6dz.oszar.com/	1970-01-21 01:04:58	Name: forms_hsforms_com Value: %7B%22HttpHost%22%3A%22forms.hsforms.com%22%2C%22HttpDomain%22%3A%22forms.hsforms.com%22%2C%22Protokol%22%3A%22http%22%2C%22Port%22%3A80%2C%22KulAdSifre%22%3Anull%2C%22UrlAdresi%22%3A%22%5C%2Fembed%5C%2Fv3%5C%2Fcounters.gif%22%2C%22GetVeri%22%3A%22%3Fkey%3Dforms-embed-v2-RENDER_SUCCESS%26count%3D1%22%2C%22GitOpjeId%22%3Anull%2C%22DnsAdresi%22%3A0%2C%22URL_Adresi%22%3A%22http%3A%5C%2F%5C%2Fforms.hsforms.com%5C%2Fembed%5C%2Fv3%5C%2Fcounters.gif%3Fkey%3Dforms-embed-v2-RENDER_SUCCESS%26count%3D1%22%2C%22GirisIP%22%3A%22104.18.80.204%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
connect.facebook.net
forms.hsforms.com
i63646eo666561746872o636fz.oszar.com
i666f726d73o6873666f726d73o636f6dz.oszar.com
i6a73o68732d616e616c7974696373o6e6574z.oszar.com
i6a73o68732d62616e6e6572o636f6dz.oszar.com
i6a73o68732d73637269707473o636f6dz.oszar.com
i6a73o6873666f726d73o6e6574z.oszar.com
i6d6172636fo666561746872o636fz.oszar.com
i6d61746368o616473727672o6f7267z.oszar.com
i74686972646d696c6co6f7267z.oszar.com
i777777o676f6f676c657461676d616e61676572o636f6dz.oszar.com
i777777o676f6f676c65o636f6dz.oszar.com
polo.feathr.co
static.cloudflareinsights.com
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
i6d6172636fo666561746872o636fz.oszar.com
i6d61746368o616473727672o6f7267z.oszar.com
104.18.80.204
142.251.35.168
172.67.220.76
2606:4700:20::ac43:4415
2606:4700::6810:5049
2607:f8b0:4004:c19::9b
2607:f8b0:4006:80c::2002
2607:f8b0:4006:81c::200e
2607:f8b0:4006:821::2008
2607:f8b0:4006:821::200e
31.13.71.36
31.13.71.7
01e22bc0fe47c72754d55611ed55b98fa06ef58ea73239c4910c5ca58eefceed
0340bf0e84a43065a428069ddc632c9a2a68283249634b89149fb78a461cbca5
0cb2ec1d4c1d867fcdabcc4e0e40ca2d1d7d05667b93fe323e1c606c9b84c4dc
188b6fdf4f58695eafc7eb57d08ad2cdc9805d010d1f9c2563f99760a51dc37f
189b006f88b97239ac8a11d2c6ef30efb3f595783cfd28644828ada92422d51d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
297026c59a36bf2926c7da933b7440420d8b62b263556751aa750a8f87b569a3
2e72cd0a631e419d21fa99b3a42432e75e03b695f0009a4181baef6a8705a4d2
2f38151e2bac87389d6b7770e9ea29297db35613dc20011d9992e680113aec0b
388275754308d75c604525a7fa48f07b256e5c782ab69f7ce4ca3f80172c013d
3f86856875f9a25abab2f9856bc0ada9cea489b9220f967985405dfc02f89b68
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
4917ec69b98db3826c307b8b6183cb65107d80b54e29de100746ef3dc3f518a4
50c490a299a311a7531bc8f0374b3230abf93baf8260a60a9dce24f7c3c45a20
540565b7c566a6a3084a966bd0939f8ec0ce32c1e812825a751b838ea218162c
57c26d7181ffcd8445de0dcda60ac120069b563b588b0a594853fed638df0ad9
5f2f285d0c5c05574bb77c927382b5dfb352e3effd1ca1cee20cfc567191f787
64300d67f06576fb0ff9d0c8c02cc2152be3f6204a01c91c890534bb419b79d3
67bb6712b644e88b22156f63776041155a35d551f3f3a9801d990d116f000bed
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bd6d6803e0a9191ec775bb646dc32a1dba2c3043be403b5e042fda1238c0cda
6c4205e167c52e4b78f630e1538c9b95618676cec472e4149794f128faf51bb7
6e1ee5ff9cbf87a9dcfb21ef9e6de7ab9a61a135bc57bc9cd4755581305706ee
7e092c0ba0a01ee259a8065919b7ac052ffb0d9a50c20f8a49b1d93b9b1c7c1b
7f100675cb597df4d9c18d390963b0062703e5d617244ccdd494beb39037190d
84798dc308f6358801d02f628d395213cad1a04d1db26f628efb1d0bd1c98e48
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8f87cc7ec6906b2ac24890a5bb3823a46ac08bcfa7db138363c81fca98238738
92d0a6a92565043438f251040dbda5987a252f7ad1f4edff1b4bb1ada6da1d74
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a20db9e8436b582155f43749cc324d1bf3cbaffc6c4751cbaedfa6fd1ba9459f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa99dd1db7ebc3ac921c07f3615a860b394000ec0ffea002f0b05d4f41be8f99
bd07963d20504c0b916a851e01f1e444cbfa953c5ce667d3b9d89a2ea2e250a6
bf825304f076f1120b99f10ae268a1794f28163e3f8f194d176234cf212a4720
c37a1cfab1ee181d47173ddbbf744d6aca69504f3d9c8ad76cc98df0b05383d8
cb5615bb5a20616d0e7d29d947c8fe8a73117c29f88ce5cc6fc52b5c2cc18fb1
cccb7038febe747d80b0a8991316de2fd4e6c6ddb007c14e5945a730ded3f04f
d39b3919ebddb766b263997783ebb24ac10fcd00294a0aa2b7ab7a7ca6a1923e
d446dc1e6b3a5295a374ecc7bf6ec4f4272ea73ffc45791809d3c1852e48529d
d7ffa244e2e1019f3bd56eea6e33baaad167ee1eee969025ded4987bb6638686
d8cf3553369d2561101b7335bd2987c1697d3371e949dcf4256cbe2a9b7475c1
de8e26a8f69b9193ef5a780935bab6fd3c7b1a55eeed77502f6cd54f18fce7c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80094d2ce885713d41ee3b0234b6887dfcaef61ab824e5aaeb879ba6a192786
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
eefd6fb231e8a4ecf1588732a00d62fffe08133ca798e742b2f23274541b2c7c
f2837bd0813fd31571c01ef5ca4649efabdb7e96eb70a97a0810d402b3da1d70
f3f37ec727266fa26c32c8fde6b4784beefb4d709b69195133411c46de9a1763
f9a29dd6dd06a06aa69b40c68db884e22a1387319b3de58a809bf45a0a8fe9e0

i74686972646d696c6co6f7267z.oszar.com Open in urlscan Pro 172.67.220.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

94 %HTTPS

58 %IPv6

10 Domains

21 Subdomains

13 IPs

2 Countries

1598 kBTransfer

3887 kBSize

16 Cookies

30 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

i74686972646d696c6co6f7267z.oszar.com Open in urlscan Pro
172.67.220.76 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

94 %
HTTPS

58 %
IPv6

10
Domains

21
Subdomains

13
IPs

2
Countries

1598 kB
Transfer

3887 kB
Size

16
Cookies

62 HTTP transactions
0 data transactions