Submitted URL: https://themarialeufffoundation.com/#ce
Effective URL: https://www.themarialeufffoundation.com/
Submission Tags: 0xscam
Submission: On March 20 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 99 HTTP transactions. The main IP is 34.149.87.45, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.themarialeufffoundation.com.
TLS certificate: Issued by R3 on January 21st 2024. Valid for: 3 months.
This is the only time www.themarialeufffoundation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.230.63.186 58182 (WIX_COM)
4 34.149.87.45 396982 (GOOGLE-CL...)
14 107.22.145.71 14618 (AMAZON-AES)
1 2600:9000:205... 16509 (AMAZON-02)
2 2600:9000:215... 16509 (AMAZON-02)
61 2600:9000:215... 16509 (AMAZON-02)
1 167.233.8.77 24940 (HETZNER-AS)
2 12 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a01:4f8:c2c:... 24940 (HETZNER-AS)
1 34.149.206.255 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a01:4f8:1c1f... 24940 (HETZNER-AS)
99 12
Apex Domain
Subdomains
Transfer
63 parastorage.com
siteassets.parastorage.com — Cisco Umbrella Rank: 9096
static.parastorage.com — Cisco Umbrella Rank: 8079
622 KB
14 wix.com
frog.wix.com — Cisco Umbrella Rank: 7611
4 KB
12 ardalio.com
app.ardalio.com — Cisco Umbrella Rank: 135468
27 KB
5 themarialeufffoundation.com
themarialeufffoundation.com
www.themarialeufffoundation.com
218 KB
3 visitor-analytics.io
loadbalancer.visitor-analytics.io — Cisco Umbrella Rank: 62409
visits.visitor-analytics.io — Cisco Umbrella Rank: 58511
4 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 387
10 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 437
4 KB
1 wixapps.net
panorama.wixapps.net — Cisco Umbrella Rank: 8978
663 B
1 va-endpoint.com
statcounter.va-endpoint.com — Cisco Umbrella Rank: 412529
761 B
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 7707
5 KB
99 10
Domain Requested by
61 static.parastorage.com www.themarialeufffoundation.com
static.parastorage.com
statcounter.va-endpoint.com
loadbalancer.visitor-analytics.io
app.ardalio.com
14 frog.wix.com www.themarialeufffoundation.com
static.parastorage.com
12 app.ardalio.com 2 redirects static.parastorage.com
app.ardalio.com
4 www.themarialeufffoundation.com www.themarialeufffoundation.com
static.parastorage.com
2 visits.visitor-analytics.io loadbalancer.visitor-analytics.io
2 siteassets.parastorage.com www.themarialeufffoundation.com
1 cdnjs.cloudflare.com loadbalancer.visitor-analytics.io
1 cdn.jsdelivr.net loadbalancer.visitor-analytics.io
1 panorama.wixapps.net static.parastorage.com
1 loadbalancer.visitor-analytics.io static.parastorage.com
1 statcounter.va-endpoint.com static.parastorage.com
1 static.wixstatic.com www.themarialeufffoundation.com
1 themarialeufffoundation.com 1 redirects
99 13

This site contains no links.

Subject Issuer Validity Valid
themarialeufffoundation.com
R3
2024-01-21 -
2024-04-20
3 months crt.sh
*.frog.wix.com
Sectigo RSA Domain Validation Secure Server CA
2024-02-20 -
2024-08-18
6 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA
2024-01-01 -
2024-06-29
6 months crt.sh
*.parastorage.com
Sectigo RSA Domain Validation Secure Server CA
2024-01-11 -
2024-07-09
6 months crt.sh
*.va-endpoint.com
R3
2024-02-18 -
2024-05-18
3 months crt.sh
ardalio.com
GTS CA 1P5
2024-01-24 -
2024-04-23
3 months crt.sh
*.visitor-analytics.io
R3
2024-02-15 -
2024-05-15
3 months crt.sh
*.wixapps.net
Sectigo RSA Domain Validation Secure Server CA
2023-12-22 -
2024-06-19
6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh

This page contains 7 frames:

Primary Page: https://www.themarialeufffoundation.com/
Frame ID: 0DC34E66FE212C99122685D0ADC117F0
Requests: 67 HTTP requests in this frame

Frame: https://statcounter.va-endpoint.com/widget.html?pageId=ebzd6&compId=comp-kiqu0mu9&viewerCompId=comp-kiqu0mu9&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=285&height=275&instance=TmSzHVhDLY_ViofBCbcYqLlS-EDoaDNcc1F3MHdU2Dg.eyJpbnN0YW5jZUlkIjoiMjY5NTNlMDAtN2ZmYi00NGYzLTg3MDktOWJkNjZjMTU3YTgyIiwiYXBwRGVmSWQiOiIxM2VlNTNiNC0yMzQzLWI2NDEtYzg0ZC0wNTZkMmU2ZWQyZTYiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Frame ID: 7D95A9F7EC589B54145C19E31D0F8997
Requests: 5 HTTP requests in this frame

Frame: https://app.ardalio.com/WixStatsWidget?pageId=ebzd6&compId=comp-kirnxogj&viewerCompId=comp-kirnxogj&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=169&height=58&instance=RJrxpMBRBm6zJu35YEtmJhSnemspwHUUXldRp2MQrmU.eyJpbnN0YW5jZUlkIjoiYzNhMTBiZjEtYTRjOC00M2E0LThmNWQtMWRmMzdlMmU1MzM1IiwiYXBwRGVmSWQiOiIxMmNhMmZkNi1hNGM5LWI5MWYtYWU2Yy05NDg2OGIyYThmMWMiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Frame ID: 6035DF44C7E9F6E1E8969631F36ABD7B
Requests: 7 HTTP requests in this frame

Frame: https://loadbalancer.visitor-analytics.io/worker?pageId=masterPage&compId=tpaWorker_36&viewerCompId=tpaWorker_36&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&endpointType=worker&instance=TmSzHVhDLY_ViofBCbcYqLlS-EDoaDNcc1F3MHdU2Dg.eyJpbnN0YW5jZUlkIjoiMjY5NTNlMDAtN2ZmYi00NGYzLTg3MDktOWJkNjZjMTU3YTgyIiwiYXBwRGVmSWQiOiIxM2VlNTNiNC0yMzQzLWI2NDEtYzg0ZC0wNTZkMmU2ZWQyZTYiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Frame ID: D239EA30F73FF3B6D22E1B08DCBCD192
Requests: 9 HTTP requests in this frame

Frame: https://app.ardalio.com/WixStatsWorker?pageId=masterPage&compId=tpaWorker_37&viewerCompId=tpaWorker_37&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&endpointType=worker&instance=RJrxpMBRBm6zJu35YEtmJhSnemspwHUUXldRp2MQrmU.eyJpbnN0YW5jZUlkIjoiYzNhMTBiZjEtYTRjOC00M2E0LThmNWQtMWRmMzdlMmU1MzM1IiwiYXBwRGVmSWQiOiIxMmNhMmZkNi1hNGM5LWI5MWYtYWU2Yy05NDg2OGIyYThmMWMiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Frame ID: 4087F6FA3C4527A7BECD3F67C22EB02D
Requests: 7 HTTP requests in this frame

Frame: https://app.ardalio.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Frame ID: 93CF3AC66E9B78016A096B5231220633
Requests: 2 HTTP requests in this frame

Frame: https://app.ardalio.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Frame ID: 5873E061AB949919106681F5FD47BF52
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

THE MARIA LEUFF FOUNDATION

Page URL History Show full URLs

  1. https://themarialeufffoundation.com/ HTTP 301
    https://www.themarialeufffoundation.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.parastorage\.com

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

99
Requests

98 %
HTTPS

62 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

893 kB
Transfer

3226 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://themarialeufffoundation.com/ HTTP 301
    https://www.themarialeufffoundation.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://app.ardalio.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://app.ardalio.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Request Chain 83
  • https://app.ardalio.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://app.ardalio.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js

99 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.themarialeufffoundation.com/
Redirect Chain
  • https://themarialeufffoundation.com/
  • https://www.themarialeufffoundation.com/
286 KB
70 KB
Document
General
Full URL
https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.87.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.87.149.34.bc.googleusercontent.com
Software
Pepyaka /
Resource Hash
acc46501ac7d558c00d924dc9bab9731acb0dfa24e64f24094356815d08722e7
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6172
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
content-language
en
content-type
text/html; charset=UTF-8
date
Wed, 20 Mar 2024 12:39:19 GMT
etag
W/"7df84e9aa1a590bd31487015f475e964"
glb-x-seen-by
bS8wRlGzu0Hc+WrYuHB8QIg44yfcdCMJRkBoQ1h6Vjc=
link
<https://static.parastorage.com/>; rel=preconnect; crossorigin;,<https://static.parastorage.com/>; rel=preconnect;,<https://static.wixstatic.com/>; rel=preconnect; crossorigin;,<https://static.wixstatic.com/>; rel=preconnect;,<https://siteassets.parastorage.com>; rel=preconnect; crossorigin;,
server
Pepyaka
server-timing
cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_84_g
strict-transport-security
max-age=3600
vary
Accept-Encoding
via
1.1 google
x-cache
MISS
x-content-type-options
nosniff
x-seen-by
yvSunuo/8ld62ehjr5B7kA==,W1c2/pqHBqplxcWufHCkILxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLm+RUUxFrhyTYE58WvxHjkmdv/c7uH0ky0wFkt5EFvml,2d58ifebGbosy5xc+FRalodcjzzepspFVZP9Hl537JPpvTAVtlspauIzbFYYfG2mqZ3h03BY9YeTnROrmiT+IQ==,2UNV7KOq4oGjA5+PKsX47H8fcDDTK1h4pebfMCDOGYS8ZDY613cHYLbuhNMgAom1
x-served-by
cache-fra-etou8220065-FRA
x-wix-request-id
1710938359.26116800875363416095

Redirect headers

age
67
cache-control
no-cache
content-length
0
date
Wed, 20 Mar 2024 12:39:19 GMT
location
https://www.themarialeufffoundation.com/
server
Pepyaka/1.19.10
server-timing
cache;desc=hit, varnish;desc=hit, dc;desc=84
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-seen-by
wmgbEcS9zOENaefw7bU4YW8SH3gLjNZZjVt64yZ/SqY=,REmTqJKTo7BM/eF7JdTbUrxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLrPqYKkRtIYY8UbngCHp0RnJftmKrOReD3ukbbas4YDo,2d58ifebGbosy5xc+FRaluhZDIN/bE73pz/MHiDhg/orDwTaAORs1k0oiy3d5k3Ye/tljFt3//XqvU97cd38Cw==,2UNV7KOq4oGjA5+PKsX47H8fcDDTK1h4pebfMCDOGYS8ZDY613cHYLbuhNMgAom1
x-wix-request-id
1710938359.0991684687722131105
bolt-performance
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/bolt-performance?src=72&evid=21&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&microPop=fastly_84_g&is_cached=true&msid=e46a0cb6-e7fa-4131-81b4-94bdc8636288&session_id=bb7de689-e7c6-42ac-b949-5089c70a05ad&ish=true&isb=true&isbr=plugins-extra&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600&caching=hit,hit_miss&pv=visible&pn=1&v=1.13753.0&url=https%3A%2F%2Fwww.themarialeufffoundation.com%2F&st=2&ts=1&tsn=365&platformOnSite=true
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:19 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
dynamicmodel
www.themarialeufffoundation.com/_api/v2/
20 KB
8 KB
Fetch
General
Full URL
https://www.themarialeufffoundation.com/_api/v2/dynamicmodel
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.87.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.87.149.34.bc.googleusercontent.com
Software
Pepyaka /
Resource Hash
348ea4a55e560fe9912b907f59e7046474c125003da22f0bf5a52f3d8e49a34c
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=3600
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Mar 2024 12:39:19 GMT
via
1.1 google
age
577
x-cache
MISS
server-timing
cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_84_g
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
cache-fra-etou8220105-FRA
x-wix-request-id
1710938359.35916849861935029126
glb-x-seen-by
bS8wRlGzu0Hc+WrYuHB8QIg44yfcdCMJRkBoQ1h6Vjc=
server
Pepyaka
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private,no-cache,no-store
accept-ranges
bytes
x-seen-by
yvSunuo/8ld62ehjr5B7kA==,yI4PPEXc3bvXNWfpzSkUarxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLn3T7+WtWeNwumXaa7IOwWDJftmKrOReD3ukbbas4YDo,2d58ifebGbosy5xc+FRalptT85QHmCt5piB5akQIqmJxEkKu+4EudB5tjQ56S//J4W0P8ixNzde6MLEIad4fkA==,2UNV7KOq4oGjA5+PKsX47LYxvJTCU1Md55lAkjhWLGNYgeUJqUXtid+86vZww+nL
THE%20MARIA%20LEUFF%20FOUNDATION%20JOSEPH%20BEUYS%20.jpg
static.wixstatic.com/media/b3010c_b1c2db9f02544666af2ecb0ca0bca3d4~mv2.jpg/v1/fill/w_478,h_320,al_c,q_80,usm_0.66_1.00_0.01,enc_auto/
4 KB
5 KB
Image
General
Full URL
https://static.wixstatic.com/media/b3010c_b1c2db9f02544666af2ecb0ca0bca3d4~mv2.jpg/v1/fill/w_478,h_320,al_c,q_80,usm_0.66_1.00_0.01,enc_auto/THE%20MARIA%20LEUFF%20FOUNDATION%20JOSEPH%20BEUYS%20.jpg
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2a00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
2cb1ae053af8e01c12f0cc646803f590b7f615ea2fc4e034229ae511ab93965b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-seen-by
image-manipulator-65b8785648-sqbxw
date
Wed, 20 Mar 2024 12:39:19 GMT
via
1.1 google, 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
_xXU3xpvi1uV3QY_UrH6P5Uy1VB9f9eUnsznghSaFIN-QveNAsXMwA==
content-length
4364
wix-tracer
2dx8RP4MSuyZ1PyBUdjQJh0s7Fg
thunderbolt
siteassets.parastorage.com/pages/pages/
89 KB
16 KB
Other
General
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2214271d6f-ba62-d045-549b-ab972ae1f70e%22%3A%2225%22%7D&beckyExperiments=specs.thunderbolt.compCssMappers_catharsis%3Atrue%2Cspecs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.root_components_carmi%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.proGalleryMasterInfo%3Atrue%2Cspecs.thunderbolt.app_reflow_with_lightboxes%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.mlUtilsImport%3Atrue%2Cspecs.thunderbolt.useRefDisplayCssVar%3Atrue%2Cspecs.thunderbolt.facebookVideoPlayerDimensions%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.enableTriggersOnDynamicMount%3Atrue%2Cspecs.thunderbolt.mesh_css_catharsis%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.fiveGridLineStudioSkins%3Atrue%2Cspecs.thunderbolt.catharsis_fontFaces%3Atrue%2Cspecs.thunderbolt.accordionHeightAuto%3Atrue%2Cspecs.thunderbolt.fetch_widget_iteratively%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.3125.0&disableStaticPagesUrlHierarchy=false&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_fixVectorImageModesOverridesProperties%2Cdm_migrateResponsiveSectionStyleItemToDesign%2Cdm_removePageDataUnderTranslations&externalBaseUrl=https%3A%2F%2Fwww.themarialeufffoundation.com&fileId=733f0039.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=true&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isPremiumDomain=true&isTrackClicksAnalyticsEnabled=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=QueryParam&metaSiteId=e46a0cb6-e7fa-4131-81b4-94bdc8636288&module=thunderbolt-features&originalLanguage=en&pageId=b3010c_a305c75c27f6379e1f9e9b125f9a4c86_612.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11888.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11888.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=6780e8c6-e799-476f-a0ed-7415f331e9fa&siteRevision=612&staticHTMLComponentUrl=https%3A%2F%2Fwww-themarialeufffoundation-com.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4000:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
cd26ff045f5eb6f03115c5aeead286f8c805b3dbdf076d8c03432cf7239726a6

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 12:39:19 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-cluster-self-is-next
false
x-cluster-node-role
proxy
alt-svc
h3=":443"; ma=86400
content-length
15272
x-wix-request-id
1710938359.4541363189882601232212
server
Pepyaka/1.21.6
etag
W/"16534-EDQHTUYnLdSZHQ/TBCuRWTmQMDQ"
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
179268329 89237350, 752362322
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-amz-cf-id
e7cSyrhw1E7AF38bsWbeQidvuhCo6lsKrszcsgSIAvHlwxsnTudC8g==
x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR374RQdxc2YkTyvjbAKeo4Sr7,ZUT6NeJ/NsDmQ9DMGnwT1IZznndW0TCF2d09XsbxCxuuv7tdY1PkD7bjlEKmgszI
thunderbolt
siteassets.parastorage.com/pages/pages/
8 KB
4 KB
Other
General
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2214271d6f-ba62-d045-549b-ab972ae1f70e%22%3A%2225%22%7D&beckyExperiments=specs.thunderbolt.compCssMappers_catharsis%3Atrue%2Cspecs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.root_components_carmi%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.proGalleryMasterInfo%3Atrue%2Cspecs.thunderbolt.app_reflow_with_lightboxes%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.mlUtilsImport%3Atrue%2Cspecs.thunderbolt.useRefDisplayCssVar%3Atrue%2Cspecs.thunderbolt.facebookVideoPlayerDimensions%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.enableTriggersOnDynamicMount%3Atrue%2Cspecs.thunderbolt.mesh_css_catharsis%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.fiveGridLineStudioSkins%3Atrue%2Cspecs.thunderbolt.catharsis_fontFaces%3Atrue%2Cspecs.thunderbolt.accordionHeightAuto%3Atrue%2Cspecs.thunderbolt.fetch_widget_iteratively%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.3125.0&disableStaticPagesUrlHierarchy=false&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_fixVectorImageModesOverridesProperties%2Cdm_migrateResponsiveSectionStyleItemToDesign%2Cdm_removePageDataUnderTranslations&externalBaseUrl=https%3A%2F%2Fwww.themarialeufffoundation.com&fileId=733f0039.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=true&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isPremiumDomain=true&isTrackClicksAnalyticsEnabled=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=QueryParam&metaSiteId=e46a0cb6-e7fa-4131-81b4-94bdc8636288&module=thunderbolt-features&originalLanguage=en&pageId=b3010c_5d94bdb1a91242b9ea5ab9e0f19aa7bf_612.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11888.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11888.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=6780e8c6-e799-476f-a0ed-7415f331e9fa&siteRevision=612&staticHTMLComponentUrl=https%3A%2F%2Fwww-themarialeufffoundation-com.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4000:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
a2fc5e3b742533fddd94d3e1b1f7a813561299440a628bbd3cce0326f48dba50

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 12:39:19 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-cluster-self-is-next
false
x-cluster-node-role
proxy
alt-svc
h3=":443"; ma=86400
content-length
2655
x-wix-request-id
1710938359.453194871160651286009
server
Pepyaka/1.21.6
etag
W/"1f78-LmapdlbP8zzLDZTDuElJJZLEpBs"
access-control-allow-methods
GET, OPTIONS, POST
x-varnish
748504586 146422394, 740671170
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-amz-cf-id
AnSCzrOR7Udufo1N2dWPygRWktF2GXmUm61MIGjs93m2mse-nwYpXA==
x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR377ed0Z7HXP+lx6kZRodDkOH,ZUT6NeJ/NsDmQ9DMGnwT1IZznndW0TCF2d09XsbxCxvjGtI0uXX56slJq/a7KOoh
thunderbolt-commons.94cf14eb.bundle.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
86 KB
27 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-commons.94cf14eb.bundle.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
511fff3b7473322e34b5dcd60d6248ed20172a86ee10d2cd642c88c191f2cea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:52:19 GMT
x-amz-version-id
fz0aLAuq3PrJNVgo_0HqR85PJzIBOjLC
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
316020
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
26171
x-wix-request-id
1710622339.125156600197911265632
last-modified
Sat, 16 Mar 2024 20:51:07 GMT
server
Pepyaka/1.21.6
etag
W/"cf64fc6c4d7fb5c5f498fc6d3cb0d1b9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
1031979844
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
Hg8BxOcQRP7vpbPIbjbArwEFOhSEVKlhs-YEbuf9_nbq5PETBVFomQ==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc5bNbUTaEduvk0/hVNiwmC0eGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xwf+oimh4ISoPVCG4VJp1EK
main.89e8f6cc.bundle.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
197 KB
54 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/main.89e8f6cc.bundle.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
f72f35ae9bb8d45449f519794d2dcc65a497cad21f14bc9bd9888df5aab4e540

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 06:38:47 GMT
x-amz-version-id
8bxdRJ16NfVGM7gdPLsL53uD.mPvZRc8
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
194432
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
54267
x-wix-request-id
1710743927.291173612798111286006
last-modified
Sun, 17 Mar 2024 21:34:54 GMT
server
Pepyaka/1.21.6
etag
W/"d3c05cea8f41d05c666eb20706f1fc4e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
2453244
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
SQI8jb0NQyRq61_sNynIwrEoEw5oUmf5CH3NwQzsrsjJWg7ATMv6_Q==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc5bNbUTaEduvk0/hVNiwmC0eGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xwf+oimh4ISoPVCG4VJp1EK
main.renderer.1d21f023.bundle.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
166 B
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/main.renderer.1d21f023.bundle.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
226680fb3c87df3d0b412f199089f4022314de5b6809ad148b460340b8bb70b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 06:25:46 GMT
x-amz-version-id
iZNRJFF_sskB.VDOAAccpEU09Q7UspqQ
via
1.1 varnish (Varnish/6.0), 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
774032
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
166
x-wix-request-id
1710224746.765121771010621286002
last-modified
Mon, 11 Mar 2024 13:33:01 GMT
server
Pepyaka/1.21.6
etag
"7276034de396f62e15b7cc118d61c360"
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
420139392 343678105
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
2EGNxvKmY7Tco_1Yr8hheqfyt4BH-YwgWHI7_dXmnnqBDNinP_4BmA==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd
lodash.min.js
static.parastorage.com/unpkg/lodash@4.17.21/
71 KB
26 KB
Script
General
Full URL
https://static.parastorage.com/unpkg/lodash@4.17.21/lodash.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:50:50 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
6549605
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
25896
x-wix-request-id
1704419450.856367217837128666
last-modified
Mon, 01 Jan 2024 01:43:10 GMT
server
Pepyaka/1.19.10
etag
W/"9becc40fb1d85d21d0ca38e2f7069511"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
970592091 909940294
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
Uz56LCryiV95trk8Fkg_-E-MlmdompBIb4fuLs6UB8nuS6MrFPrdpw==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
react.production.min.js
static.parastorage.com/unpkg/react@18.2.0/umd/
10 KB
5 KB
Script
General
Full URL
https://static.parastorage.com/unpkg/react@18.2.0/umd/react.production.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:06:18 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1528381
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
4111
x-wix-request-id
1701633978.29235531146032716242
last-modified
Sat, 14 Oct 2023 15:24:43 GMT
server
Pepyaka/1.19.10
etag
W/"d86dcdbfed4c273c4742744941259902"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
998360900 999036568
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
eA1u9F_TFdTyU8uEIGh5yugD_I-gzhpqbUtn7qfQjoyJqetGZB02dA==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1
react-dom.production.min.js
static.parastorage.com/unpkg/react-dom@18.2.0/umd/
129 KB
41 KB
Script
General
Full URL
https://static.parastorage.com/unpkg/react-dom@18.2.0/umd/react-dom.production.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 20:45:42 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
6278017
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
40789
x-wix-request-id
1704660341.881603250751517355
last-modified
Fri, 05 Jan 2024 20:23:54 GMT
server
Pepyaka/1.19.10
etag
W/"64141792105ea4861f9f33294d65ab81"
access-control-max-age
3000
access-control-allow-methods
GET, GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
372096242
cache-control
public, max-age=7776000, immutable
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
Cddbah_dyXd_xv15ymtqvaox-eBICKdya8YtsqaDJmwUj4dTBHqzTw==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYQFjVKS1KW45pDD7kwcelUf
bt
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit_miss&dc=84&microPop=fastly_84_g&et=1&event_name=Init&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=1&ita=1&msid=e46a0cb6-e7fa-4131-81b4-94bdc8636288&pn=1&sessionId=bb7de689-e7c6-42ac-b949-5089c70a05ad&siterev=612-__siteCacheRevision__&st=2&ts=23&tts=387&url=https%3A%2F%2Fwww.themarialeufffoundation.com%2F&v=1.13753.0&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600&_brandId=wix
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:19 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
bt
frog.wix.com/
0
265 B
Ping
General
Full URL
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit_miss&dc=84&microPop=fastly_84_g&et=12&event_name=Partially%20visible&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=1&ita=1&msid=e46a0cb6-e7fa-4131-81b4-94bdc8636288&pn=1&sessionId=bb7de689-e7c6-42ac-b949-5089c70a05ad&siterev=612-__siteCacheRevision__&st=2&ts=24&tts=387&url=https%3A%2F%2Fwww.themarialeufffoundation.com%2F&v=1.13753.0&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600&_brandId=wix
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:19 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
bolt-performance
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/bolt-performance?src=72&evid=28&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&microPop=fastly_84_g&is_cached=true&msid=e46a0cb6-e7fa-4131-81b4-94bdc8636288&session_id=bb7de689-e7c6-42ac-b949-5089c70a05ad&ish=true&isb=true&isbr=plugins-extra&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600&caching=hit,hit_miss&pv=visible&pn=1&v=1.13753.0&url=https%3A%2F%2Fwww.themarialeufffoundation.com%2F&st=2&ts=1&tsn=365&name=partially_visible&duration=1710938359349&pageId=ebzd6&isSuccessfulSSR=true
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:19 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
siteTags.bundle.min.js
static.parastorage.com/services/tag-manager-client/1.827.0/
7 KB
4 KB
Script
General
Full URL
https://static.parastorage.com/services/tag-manager-client/1.827.0/siteTags.bundle.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
86e9b3587c8419756abe19dac3aa42a054d28b11f56d27912acfb2053781df82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 13:02:17 GMT
x-amz-version-id
x8S3djfKGKU12oNJLLPX_mInfKaFhg6j
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
2936222
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
3069
x-wix-request-id
1708002137.0053359453870310171
last-modified
Wed, 14 Feb 2024 15:52:53 GMT
server
Pepyaka/1.19.10
etag
W/"a76f370ea20b812382ebe915671e3e24"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
749203649
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
xwmwenEG7J8a26djjBUeQbV9QOHA0A5pDfipPRe0RjPGpfArbcP2Tg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZgqsM72LknxyIGq7MjJjVJO4yutzfb5CZU2reQDuc3NW
wix-perf-measure.umd.min.js
static.parastorage.com/services/wix-perf-measure/1.1095.0/
30 KB
12 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-perf-measure/1.1095.0/wix-perf-measure.umd.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
d0e6054d7b47b8de059e88c419a16a3e745e038b05b75af9d57c2e8593bd1d78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
d_65nj5pIwn6CoD0aRGfXMjjwX8shxmq
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
date
Tue, 19 Mar 2024 13:13:29 GMT
x-amz-cf-pop
FRA50-C1
age
187531
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
11261
x-wix-request-id
1703078008.7625234391129313845
last-modified
Mon, 02 Oct 2023 07:39:57 GMT
server
Pepyaka/1.19.10
etag
W/"5e646fa090a760653cfa56c727bb5a13"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
764188473
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
9phIrsju05k32Xcdo0EmTyq7edmcgbKUG5uITEUfNsjmmVk7pc4WDw==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc3FBmG3gpsA2kw8lNlv7wMa8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoqpqfu2ZNPNSvVQHTOqAtVI
clientWorker.80886cee.bundle.min.js
www.themarialeufffoundation.com/_partials/wix-thunderbolt/dist/
496 KB
139 KB
Other
General
Full URL
https://www.themarialeufffoundation.com/_partials/wix-thunderbolt/dist/clientWorker.80886cee.bundle.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.87.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.87.149.34.bc.googleusercontent.com
Software
Pepyaka /
Resource Hash
7fa756930dd54e07205fec5b9ccee88e3c98fc5954a01e3746f4d5d2d678ccf9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
36uUHGgjsZEXEtiy84XDMRLe13n5FwFI
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Mar 2024 12:39:19 GMT
via
1.1 google
strict-transport-security
max-age=300
age
176858
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
REPLICA
server-timing
cache;desc=hit, varnish;desc=hit_hit, dc;desc=fastly_g
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141865
x-served-by
cache-fra-etou8220086-FRA
x-wix-request-id
1710938359.373849017099184590
last-modified
Mon, 18 Mar 2024 11:27:30 GMT
server
Pepyaka
glb-x-seen-by
bS8wRlGzu0Hc+WrYuHB8QIg44yfcdCMJRkBoQ1h6Vjc=
etag
W/"5d78dfebfd15beb5eb50fc134c41b01e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
yvSunuo/8ld62ehjr5B7kA==
thunderbolt-components-registry.e1099503.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
65 KB
22 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.e1099503.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
2c7e13472bc9fbc04647d4abfaccbac54065ff2a9409dc6a043dbb89396f72ec

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 06:20:12 GMT
x-amz-version-id
EGb7ttyM4DaRlwsLn6aXUxHvrEoWRZEX
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
713947
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
21190
x-wix-request-id
1710224412.24863804798521232207
last-modified
Tue, 12 Mar 2024 05:53:52 GMT
server
Pepyaka/1.21.6
etag
W/"5cf40b65f3120296b0e55eafe35a590a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
900269270
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
9_hNB1GSBiI1xbAkjyvP8GGh1qmf3L6B-347YqWqBR_Iel_WuPrv3Q==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc7tnpyQ/1ThW8d6OVxL3lam8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xyr8R+/hZURmNj/t5XZRPjV
group_2.26df1148.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
28 KB
10 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_2.26df1148.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
3a202a160846a0690438970722cd94ae3f65fbda690231b1c3f08ff115654468

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 14:38:56 GMT
x-amz-version-id
OGIaibu9v_.AKxs15g91dsxdQhByhdn8
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
165623
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
9298
x-wix-request-id
1710772736.448177439460931286009
last-modified
Mon, 18 Mar 2024 14:38:34 GMT
server
Pepyaka/1.21.6
etag
W/"20b0b1ea276fff30f89ff16f75c54cd5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
37605261
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
UesQq_kIgtsuVHt35BsqTWgRNNX8ve0yEAw3Kw1T1PVLIefk5DfHbg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc5bNbUTaEduvk0/hVNiwmC0eGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xwf+oimh4ISoPVCG4VJp1EK
assetsLoader.fa02c789.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
4 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/assetsLoader.fa02c789.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
cffd585fcd0c75b1008fe6c9f7c005f1c3ef40ebd630ddc6fc00794b4aa2d911

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:41:53 GMT
x-amz-version-id
byiYhWpMV5gIHBKVPXmZCcT1aSJDByxE
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
2326743
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
1622
x-wix-request-id
1708616513.607418292655312144
last-modified
Thu, 22 Feb 2024 14:18:05 GMT
server
Pepyaka/1.19.10
etag
W/"ac4988fc42d585a46ff236155b08e465"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
745564385 727589026
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
xC_2eBrLHqvLJhdjx7tqMyoTFnmKwxce4prHCxp1Z0soCpbAdavWsQ==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd
group_3.3f4ac3a2.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
62 KB
21 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_3.3f4ac3a2.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
395308d279f3b5eed27347bbaa7679581e60e8acf30f152799cb0c5139e042e4

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 06:38:47 GMT
x-amz-version-id
wS.Tyk7bf1EsU8hIIX.f5kyRF3rioFvo
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
194431
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
20984
x-wix-request-id
1710743927.943115275253011232206
last-modified
Sun, 17 Mar 2024 21:34:54 GMT
server
Pepyaka/1.21.6
etag
W/"77519a0e99f21368bc272704154fde4d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
935702894
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
sqzmEIP6z66wCM9gm68st0q23Hp3o6tqhDRMFmja9d--zXYrMCl9Vw==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc/ez+mKSicOFhmjRkkvIL6EeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoqw+VcyxNhUXA3W6z9zZRqI
componentsLoader.4c3131a5.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
3 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/componentsLoader.4c3131a5.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
a748fc128e728ddf6980100bec1a3dcfb8ac299417baa3ddc2703a977d9afaec

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 14:38:56 GMT
x-amz-version-id
P942yYHR1Kd1S9pXeIchNi_Syi9ULtIw
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
165623
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
1049
x-wix-request-id
1710772736.574173344054741262343
last-modified
Mon, 18 Mar 2024 14:38:34 GMT
server
Pepyaka/1.21.6
etag
W/"de08d95168c632662c48d45b4d7fb9e3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
673990763
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
7X5hrNIEjZUqJAyam2LIfakU3Haph401eSaNmz1w2MKdxTSexFeH4w==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgF4/U1opHLiGhWxtG36bT7,aVxMblM8KFG3we5NLvyVc1tQmS28JMtgHj+uYScAmBW8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopJhZCw/L9IOaAvqbWNoDPe
group_7.abdf7650.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
14 KB
6 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_7.abdf7650.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
73ba326e2ff42569133834f9069a6e0afde06e28c2f7e90e96a75d4881eb1d8f

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 20:52:19 GMT
x-amz-version-id
NzSLHNZ2qM_TJJCs0MIlraj6vxnUcgRi
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
316020
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
5377
x-wix-request-id
1710622339.595156600238811265629
last-modified
Sat, 16 Mar 2024 20:51:05 GMT
server
Pepyaka/1.21.6
etag
W/"cba175768165680912d048aa2f4a9dbe"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
467201889
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
1_DlHoldG7XMCVGsuM0PnEuQT1jxw5W27ib7kH6Ccsen5v6_8Trk7g==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc1tQmS28JMtgHj+uYScAmBW8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopJhZCw/L9IOaAvqbWNoDPe
ooi.508c7cd6.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
3 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/ooi.508c7cd6.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
7a7b57eba15f7ee959e02bf637eab525dc3682216cb4a6af0579e25061df9f18

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 14:38:56 GMT
x-amz-version-id
z1WjkHqa0dCxLtv2eisYIh2nHDeenscx
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
165623
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
1047
x-wix-request-id
1710772736.504119073038411232210
last-modified
Mon, 18 Mar 2024 14:38:36 GMT
server
Pepyaka/1.21.6
etag
W/"c2abdd58342d2634f5aa39ea7196c25e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
25247538
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
YvO_Pq94-OmzeV9PdINQEM2v_Bxw7iCVjm-9nThJxJRKhyVPnplyCg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYQPejayJDKWwFcEqNcrrPAY
group_4.134fd905.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
32 KB
11 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_4.134fd905.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
87f0df6a5c9655d101ce649fa60ffb0653381455c47000712faf85763ebc90fc

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 06:16:42 GMT
x-amz-version-id
ocP8mPxuiz3L0wsYKLMHc_9QjOLl63aS
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
149408
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
10680
x-wix-request-id
1710829002.197183670416411286005
last-modified
Mon, 18 Mar 2024 19:05:22 GMT
server
Pepyaka/1.21.6
etag
W/"f376f9032949f27331be5cda1e380b01"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
149986890 69434188
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
u2Osf29si8QGVQ__HS8jx41uQxViRTHXJCWYBqe3Z4zvGSYQBg6qXg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd
group_5.df80f594.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
30 KB
11 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_5.df80f594.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
1cc5b87ee0d039b1c3477cf013e42be34575f08586c5dc413a9708c48b2d710a

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 12:53:43 GMT
x-amz-version-id
ODU7vBM_8BjaRzwV8gR.zv5KTbf.abfG
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
517536
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
10914
x-wix-request-id
1710420823.3321469602672131286009
last-modified
Thu, 14 Mar 2024 12:41:41 GMT
server
Pepyaka/1.21.6
etag
W/"e0a63d50f4db790958b97252154a17af"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
492195668
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
9XjpbT5SOnTCFagx7t86z-JJkcZK6_kb70J6wjrVKD5c6CnyZfyINA==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc/ez+mKSicOFhmjRkkvIL6EeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoqw+VcyxNhUXA3W6z9zZRqI
cyclicTabbing.725103e8.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
517 B
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/cyclicTabbing.725103e8.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
667c0a09c28ae0106b4d2e55c84dcaf606746016ca15416e1a004fad51127601

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:41:54 GMT
x-amz-version-id
8hy8Qbr6R.9gV__pcTn6nfeR5TINX1ud
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
2326742
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
319
x-wix-request-id
1708616514.08732503562413145
last-modified
Thu, 22 Feb 2024 14:18:05 GMT
server
Pepyaka/1.19.10
etag
W/"31741413c4a14fcb168799578f2ab87a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
293621216 285252894
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
Qp93UZzS5a4RLgpEN7KzUjHDqdOBz-577ArQZIL8CuC3ZwzkYNt3WA==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciojw7JhbMq0/mOtSqa+HwB,aVxMblM8KFG3we5NLvyVc3FBmG3gpsA2kw8lNlv7wMa8ZDY613cHYLbuhNMgAom1
environmentWixCodeSdk.7690a40b.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
562 B
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/environmentWixCodeSdk.7690a40b.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
40dcd2c4ddada8144a373cd0625362ff867cca04505316608fb865a92b9398e2

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:41:54 GMT
x-amz-version-id
m_pCbadOYyw58b97GCAvXeyoOtYeccTC
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
2326742
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
349
x-wix-request-id
1708616514.158418292655322144
last-modified
Thu, 22 Feb 2024 14:18:05 GMT
server
Pepyaka/1.19.10
etag
W/"a2caea91d084a69654583d1b6d1c3f87"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
983616884 1005666639
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
zLZ9kBTiFps3w4QzlYAI3yVyie6BOzuO6zhWNTpJUxiPVHreTP7qrw==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
panorama.051dc072.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
723 B
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/panorama.051dc072.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
0961654169b6d25f597e4c20355764cb7ca372f6e023054c3fd529ca48c2c8d2

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:41:54 GMT
x-amz-version-id
t_R1tdYarObaNQApXSwzXd37J6xMuvY0
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
2326743
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
440
x-wix-request-id
1708616514.24732503593513146
last-modified
Thu, 22 Feb 2024 14:18:07 GMT
server
Pepyaka/1.19.10
etag
W/"ac568ff884adcd94b75987d359bceb51"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
687119765 681300422
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
il4rWxBYFVvwZ6kKJkTJVXok8KEUwM9z1tzbXFcjWoMs24zRRB5HAg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciojw7JhbMq0/mOtSqa+HwB,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1
group_6.aabc9856.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
257 KB
60 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_6.aabc9856.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
79921886b495861255a4baa3b744751396c0da5f696ae451c8b2c2316494127e

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 06:38:48 GMT
x-amz-version-id
e32wGl1aRc9EZIJ09h_Nnoj9YZUODZ9x
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
194431
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
61058
x-wix-request-id
1710743927.934169567187111262340
last-modified
Sun, 17 Mar 2024 21:34:54 GMT
server
Pepyaka/1.21.6
etag
W/"45deca3345f3de866ed50683e8a74084"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
934559074
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
bvDKI4Y4bBxIuAwe4pRpAli6MLpG13Zrvn-tUv7SR34awd1Q2Hsdrg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgF4/U1opHLiGhWxtG36bT7,aVxMblM8KFG3we5NLvyVc/ez+mKSicOFhmjRkkvIL6EeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoqw+VcyxNhUXA3W6z9zZRqI
siteMembersWixCodeSdk.4b5a099e.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
8 KB
4 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/siteMembersWixCodeSdk.4b5a099e.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
cc0e6dc9e6a432667b502cce543213dda525efd42d773dbfff6e5711b9888f57

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 06:16:42 GMT
x-amz-version-id
0lcwZWgtbek3zMnMSklK.AnVIhy9ptWp
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
109357
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
3070
x-wix-request-id
1710829002.211183670417611286005
last-modified
Tue, 19 Mar 2024 06:13:12 GMT
server
Pepyaka/1.21.6
etag
W/"012ab692d78f99231326d9dd1f74738b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
461899953
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
UNrl-lFqAhN44dRXxmDMMuI37eaRkeGuuoi0RGIiegh3TZVIuPseDw==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVcxXCkSrKbVttFv2SShbFg6m8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZgqsM72LknxyIGq7MjJjVJMbc6ZO93n0xtcNLcucTm2i
group_9.dff1335f.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
73 KB
23 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_9.dff1335f.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
19bba7006f333b101a55c4e4cd21ec968c10e93faf26fbc3ab39531f636a5e38

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 23:16:48 GMT
x-amz-version-id
p7iWzAhS.v.Q10iGXcHdxfYxqYTiR0wV
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
307351
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
22297
x-wix-request-id
1710631008.232162939461811262343
last-modified
Sat, 16 Mar 2024 22:55:22 GMT
server
Pepyaka/1.21.6
etag
W/"be00a951cc1d272359ceb4e88937e512"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
967451049
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
cVr2hrn8bSWk83bkQBhCtOpyaBF_8lLAZkTHg0xRcyvNGOGnVD41LA==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgF4/U1opHLiGhWxtG36bT7,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYQPejayJDKWwFcEqNcrrPAY
passwordProtectedPage.bfbc1f3b.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
33 KB
12 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/passwordProtectedPage.bfbc1f3b.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
fe3abc951beadea7e741eff394b22b2d7d544603e070cd5dec2437cf65c7a303

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 06:20:18 GMT
x-amz-version-id
YZ_xFWaovwGbOU58YD3clvGsK2DD8C54
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
713941
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
11688
x-wix-request-id
1710224418.024114246713811265632
last-modified
Tue, 12 Mar 2024 05:53:50 GMT
server
Pepyaka/1.21.6
etag
W/"1d7d1c1f72e64b4f9a23d45cbdb4ab5c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
694188520
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
IsH0OBWUmXZ1X-gaU3f6kMxIDGt1IoSkIH36v_e7_qz-fd6Ln2jhlg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc1tQmS28JMtgHj+uYScAmBW8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopJhZCw/L9IOaAvqbWNoDPe
siteMembers.34368f4b.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
8 KB
4 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/siteMembers.34368f4b.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
3c1e45dee94118b77b8ba3ce1ef5502e26b040731c812c4ef5182c3d294b3031

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 06:16:42 GMT
x-amz-version-id
Muq3yasfTlnYZUTzK0oedVDRsI83yRxQ
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
149408
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
3062
x-wix-request-id
1710829002.338179505987511262339
last-modified
Mon, 18 Mar 2024 19:05:24 GMT
server
Pepyaka/1.21.6
etag
W/"9e37c9993cace70d067c4a63b291504b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
1025497348 989688030
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
xSkjfYDIoXpeb74fdCs8qQz-B0_PVcH6ma3vWnTuycrdKUk6FqfAGQ==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgF4/U1opHLiGhWxtG36bT7,aVxMblM8KFG3we5NLvyVc/ez+mKSicOFhmjRkkvIL6EeGdLDLXwpLd0CTVHPbfOd
tslib.inline.affe2026.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
4 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/tslib.inline.affe2026.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
73ef2946715b97df12bf2413670716f679a73707c3c398494e20d4b707a26066

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:41:54 GMT
x-amz-version-id
6UXsZefLSHUPJQE2woaBOtcNBPfBZ7Sb
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
2326743
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
1522
x-wix-request-id
1708616514.40932502959523145
last-modified
Thu, 22 Feb 2024 14:18:10 GMT
server
Pepyaka/1.19.10
etag
W/"f48cb079e791e427514f5d4ac721a1b3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
901206681 886108904
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
xh-nItCkfFRv0EygIKJpq9Q5-mhrC2czp-CcBo4AA40PpUMdLPjwkA==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciojw7JhbMq0/mOtSqa+HwB,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
tpaCommons.0e16a51b.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
3 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/tpaCommons.0e16a51b.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
7324735870b174ca94fad989d7ec7c3d077dfafd31c6e31f233470c6e4e95530

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:41:54 GMT
x-amz-version-id
sfZheZa.XUa6ZCxobht5mmyam2vbw2fe
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
2326743
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
1335
x-wix-request-id
1708616514.511418290985972144
last-modified
Thu, 22 Feb 2024 14:18:10 GMT
server
Pepyaka/1.19.10
etag
W/"d2a65db15628ccdbe22a8b1596afb8aa"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
1023513655 1008947696
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
A_vl9Eb1pp6PiiuVdBd6M_A4zMB3fA-GL5gVx6q5XVCQhbKhlOdzeg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
group_26.420453fa.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
2 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_26.420453fa.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
1903f5c41b30a5798edd7e483772413c551b12e81e2a943cf6f8a2ac6e543da5

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 19:21:01 GMT
x-amz-version-id
NFwxqxoCLqNBE0R_J_BZGyp7gemGLUBB
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
1099161
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
1131
x-wix-request-id
1709839261.08815897679921232210
last-modified
Thu, 07 Mar 2024 18:38:29 GMT
server
Pepyaka/1.21.6
etag
W/"c60a44dc07f7ec208edf8a5e80e279e2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
666979661 666238686
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
RWoPs66KBqnw-N-gYp89nL52t50ye3JAL4SwlZIgYe7AmY-5i7PpTQ==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc/ez+mKSicOFhmjRkkvIL6EeGdLDLXwpLd0CTVHPbfOd
group_23.b8114cbd.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
2 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_23.b8114cbd.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
9d045df345296df2881cb17f54fcdafd432bfc5431422395f2f4d27c1531adc8

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 19:17:29 GMT
x-amz-version-id
vjlJF9MnJ_uDSojZaXGdB.ao..uDOG5C
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
1099388
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
1153
x-wix-request-id
1709839049.94915862395411232206
last-modified
Thu, 07 Mar 2024 18:38:29 GMT
server
Pepyaka/1.21.6
etag
W/"2989d39a11d189eeaf627348728d006b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
646666901 647386221
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
nNwI_Kd2h5rJmV_Lh4yEvWERhxiXvRN5apwvWKAR0L11tNaKF4Q1_Q==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc1tQmS28JMtgHj+uYScAmBW8ZDY613cHYLbuhNMgAom1
site-members
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/site-members?_msid=e46a0cb6-e7fa-4131-81b4-94bdc8636288&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600&_av=thunderbolt-1.13753.0&isb=true&isbr=plugins-extra&_brandId=wix&_siteBranchId=undefined&_ms=680&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_visitorId=a1cc4857-7ac0-4d3d-a320-44e282027a01&_siteMemberId=undefined&bsi=8135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1&src=5&evid=698&biToken=e46a0cb6-e7fa-4131-81b4-94bdc8636288&context=undefined&ts=316&viewmode=undefined&visitor_id=a1cc4857-7ac0-4d3d-a320-44e282027a01&site_member_id=undefined&site_settings_lng=en&browser_lng=en&lng_mismatch=false&layout=undefined&_isca=1&_iscf=1&_ispd=0&_ise=0&_=17109383596430
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.89e8f6cc.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:19 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
reporter-api.f78ab811.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
25 KB
8 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/reporter-api.f78ab811.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
2ed709f59204f0fd94c705b0248e48113397d4a0e602a8ebed4d00308f660644

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 06:19:45 GMT
x-amz-version-id
sIJmtHFT7INqysTYpY_cf0yYVcH6.13G
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
2009974
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
7222
x-wix-request-id
1708928385.956452752860722144
last-modified
Mon, 26 Feb 2024 06:13:49 GMT
server
Pepyaka/1.19.10
etag
W/"e45db0ce5bf06b3aafda0b5721f41b8f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
254353433
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
hTjmYQxprtLw3IZHD4DxZrSU4fVRHXMeOkuXDKX6TcMylM8Uo9f7vA==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoonyNuED/+UieZaPOkDEHk+
group_0.fbab12aa.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
894 B
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_0.fbab12aa.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
f3e2e5fc89074f136430ab99d72836e2b07d4da7284e71cb88dbe9f3f60bcd92

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:41:54 GMT
x-amz-version-id
kxZ3gYL.Zo1FyafinU0LZgBWel1XMWur
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
2326743
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
417
x-wix-request-id
1708616514.789324999845153146
last-modified
Thu, 22 Feb 2024 14:18:06 GMT
server
Pepyaka/1.19.10
etag
W/"411dda2acffd1072fbf7d608d9b19fcd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
1014161129 1003093472
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
8lBuhpGemkWNdfbj7ZOKp-ti3VuSuwqaeQLiQwqHLXO24KHSnMnuHQ==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciojw7JhbMq0/mOtSqa+HwB,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
e46a0cb6-e7fa-4131-81b4-94bdc8636288
www.themarialeufffoundation.com/_api/tag-manager/api/v1/tags/sites/
1 KB
381 B
XHR
General
Full URL
https://www.themarialeufffoundation.com/_api/tag-manager/api/v1/tags/sites/e46a0cb6-e7fa-4131-81b4-94bdc8636288?wixSite=false&htmlsiteId=6780e8c6-e799-476f-a0ed-7415f331e9fa&language=en&partytown=false
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/tag-manager-client/1.827.0/siteTags.bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.87.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.87.149.34.bc.googleusercontent.com
Software
Pepyaka /
Resource Hash
30534d3328a724a02358f40d5d388932d0041cc54d6e1caa3b52e8f76901397e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarialeufffoundation.com/
accept-language
de-DE,de;q=0.9
authorization
S4DYH_Ricxzv9hX0Etg2IiChCnmmk0Is5zSLQDWAxOk.eyJpbnN0YW5jZUlkIjoiZTQ2YTBjYjYtZTdmYS00MTMxLTgxYjQtOTRiZGM4NjM2Mjg4IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiZTQ2YTBjYjYtZTdmYS00MTMxLTgxYjQtOTRiZGM4NjM2Mjg4Iiwic2lnbkRhdGUiOiIyMDI0LTAzLTIwVDEyOjM5OjE5LjM3MFoiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6ImExY2M0ODU3LTdhYzAtNGQzZC1hMzIwLTQ0ZTI4MjAyN2EwMSIsInNpdGVPd25lcklkIjoiYjMwMTBjNmItN2M1MS00MmYzLTkyNzUtNTYzNzE4MzMwYjRlIn0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Wed, 20 Mar 2024 12:39:19 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=300
via
1.1 google
x-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
cache-fra-etou8220122-FRA
pragma
no-cache
x-wix-request-id
1710938359.685168516885210018181
glb-x-seen-by
bS8wRlGzu0Hc+WrYuHB8QIg44yfcdCMJRkBoQ1h6Vjc=
server
Pepyaka
etag
W/"41e-Gp1ibsiCusQlTkUeFnPHCn72TSU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-store, no-cache
accept-ranges
bytes
x-seen-by
yvSunuo/8ld62ehjr5B7kA==,REmTqJKTo7BM/eF7JdTbUrxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLm+RUUxFrhyTYE58WvxHjklsl0ueLMGCVziLUYuJmnC9,rXUceJIlvIg2Ftogbhjv0KIk6nh8DLEJJ7Y34dBfen6GfkNHN95mQAslTqQlzWwx7thMxkrHd40Or6sTKPZSXg==,C1HuGeBYQ+K9tTyizYtyc7bWC5PognMB4bbwu9xKVD8=,3CGiQP39qCQ0kzSo/awQuvkQE+n51beW8Bjo6KpqX0w=,MDFDoTqjWxpWhAuWfTm+PNELnU9mYHmIoP1dZunVzJ8anFcaU/d5yebmb0fvk7UwN3/MGgb9Do/ywABTRBNHJg==,3CGiQP39qCQ0kzSo/awQuvkQE+n51beW8Bjo6KpqX0w=,WpQmQEGki3jmC6OKCjOi+OJyr0mxsRFLrAYYZ0HzFWw=,mvxQ9qSAmY38asKjFCcmG2xHYsxLpbGk9sDWTbA0fFhoGOXPIV2w8n9IVFkOK0K6JX55d7KID+zsENJ3SMKoLA==,x3jfU+r9sCBlc1Y+lmS+87Syq8x8SOVix5AhaJN4Lm8=,tznMqpp3e1oucszW+OT1FFedpk4iOYEO3MahL0nsvJzkucs+scIObIKFTxWj8qmuLMdQ1DtQeP1f19NXVzezc96fxIgBYHW4BjNdyn4fnBY=
rb_wixui.thunderbolt.manifest.min.json
static.parastorage.com/services/editor-elements/1.11888.0/
39 KB
11 KB
Fetch
General
Full URL
https://static.parastorage.com/services/editor-elements/1.11888.0/rb_wixui.thunderbolt.manifest.min.json
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.e1099503.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
adc13eab2d6fb540a9f9fa1f68d4c87e4c5b7a1316caf5ca3728b473ffc9ad8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 06:01:13 GMT
x-amz-version-id
Yc4vaOO5rq50SoKlTgvgP6c0J_hHLu5x
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
110287
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
10028
x-wix-request-id
1710828073.766173172326651265628
last-modified
Mon, 18 Mar 2024 22:55:14 GMT
server
Pepyaka/1.21.6
etag
W/"ce72d44647c12f4b984d4ef8870b97cc"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
*
x-varnish
147399913 147929590
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
gjdjUC6cmXBgFbT8gwgGRcWHoVvWjLw6G-OvVRslNGt5YgV7F8K3Lg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd
rb_dsgnsys.thunderbolt.manifest.min.json
static.parastorage.com/services/editor-elements/1.11888.0/
4 KB
2 KB
Fetch
General
Full URL
https://static.parastorage.com/services/editor-elements/1.11888.0/rb_dsgnsys.thunderbolt.manifest.min.json
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.e1099503.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
561a777615de8dc4265ee0f9d24d045e83008f4776acb5c6eb045b7edaf96400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 06:01:13 GMT
x-amz-version-id
Q5FniJRRBOyJiinKFXwtfMiaGaQdeaLw
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
110287
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
1317
x-wix-request-id
1710828073.768179412311421262343
last-modified
Mon, 18 Mar 2024 22:55:14 GMT
server
Pepyaka/1.21.6
etag
W/"172d1d5b76724bfcb74d3563fbec194f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
*
x-varnish
784903901 785136984
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
N1-nMdIH0Jspbil1B8rINQxYehz5ch83JpJCeYUJrX1XgKp_seILLg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgF4/U1opHLiGhWxtG36bT7,aVxMblM8KFG3we5NLvyVc1tQmS28JMtgHj+uYScAmBW8ZDY613cHYLbuhNMgAom1
TPABaseComponent.83c18b22.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
5 KB
3 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/TPABaseComponent.83c18b22.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
2877a471a18187f26a9fe2e39b892a5f46fe9e43d545ee256e3a06adb282066a

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 19:29:10 GMT
x-amz-version-id
PKAP28KfEmAJPpZuw4CltvcrnnDejQi_
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
1703409
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
1893
x-wix-request-id
1709234950.38822319399729883
last-modified
Thu, 29 Feb 2024 19:07:20 GMT
server
Pepyaka/1.21.6
etag
W/"2a22c705fb5b9f404b2ca51ba0d8fae3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
26767809
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
zoQ0e6-X7jCU3Gg3ObWRLuk4OWGNR2qpPKlA7F9F8QGkU1e6C-zavg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYQPejayJDKWwFcEqNcrrPAY
bpm
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/bpm?_msid=e46a0cb6-e7fa-4131-81b4-94bdc8636288&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600&_av=thunderbolt-1.13753.0&isb=true&isbr=plugins-extra&_brandId=wix&_siteBranchId=undefined&_ms=702&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_visitorId=a1cc4857-7ac0-4d3d-a320-44e282027a01&_siteMemberId=undefined&bsi=8135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1&src=72&evid=520&widgets_ids=NO_APPS&apps_ids=NO_APPS&pageNumber=1&hasBlocksWidget=false&_isca=1&_iscf=1&_ispd=0&_ise=1&_=17109383596651
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.89e8f6cc.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:19 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
animations.3c83b88f.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
12 KB
5 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/animations.3c83b88f.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
987a9d894990385b9fdfa4efb70fdff4ec178d6a5de685bdebc7ab6488e93bdc

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 06:20:25 GMT
x-amz-version-id
BLDAMGmDbLE5Dv67S83mp_OxWexCWmqo
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
713934
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
4022
x-wix-request-id
1710224425.306114247265611265628
last-modified
Tue, 12 Mar 2024 05:53:47 GMT
server
Pepyaka/1.21.6
etag
W/"4656e1420f1dea359c76f059a8c82898"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
900018193
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
RDlaZoCLFgDwVhLx4w_2eydi885dKclIfEZFSlbmMc6zb0ydQFEVKg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzV1/Iq9lbjXhgOeY1i+yl,aVxMblM8KFG3we5NLvyVc7tnpyQ/1ThW8d6OVxL3lam8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xyr8R+/hZURmNj/t5XZRPjV
group_25.69a4f336.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
2 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_25.69a4f336.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
bd55a3af5a80061d86849db6094454bb295e9be770d104e0654f6aef5365840d

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 12:53:43 GMT
x-amz-version-id
XoS.C_p.ResweoYFhGakbpeR_e95Zxcn
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
517536
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
1196
x-wix-request-id
1710420823.6181433057509131262343
last-modified
Thu, 14 Mar 2024 12:41:40 GMT
server
Pepyaka/1.21.6
etag
W/"5e4b6a3691cddaf523c4866a0fa35f5e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
189266509
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
cK6ko0FrJMr-lZPdMdM8vTpstAvk_jSvm4GseORGVSyL2iDVXQNZhw==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgF4/U1opHLiGhWxtG36bT7,aVxMblM8KFG3we5NLvyVc7tnpyQ/1ThW8d6OVxL3lam8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xyr8R+/hZURmNj/t5XZRPjV
platformPubsub.7d20d1f9.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
2 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/platformPubsub.7d20d1f9.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
70fbc90b582e908639dc2c2979b96dd427a944381d5a8591da1c3ac50ee18988

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 19:17:51 GMT
x-amz-version-id
7vtpmQ_bLIOFwrGwWmbisNku4aKpQeYl
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
1099387
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
971
x-wix-request-id
1709839071.45173400672111286004
last-modified
Thu, 07 Mar 2024 18:38:30 GMT
server
Pepyaka/1.21.6
etag
W/"c2565c0b2c17943e6032b3155dff40f9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
916199650 915235616
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
ZWJAOe1H67AABDYIxslKEcL7CPLelS0tDPsxza4KeQyf-z88znC82A==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd
group_8.0e0ae79e.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
48 KB
16 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_8.0e0ae79e.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
c8f9a7c164fb79e848b12f9a6b19873825242eb1bd2f2b648d463346a410588a

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 06:38:48 GMT
x-amz-version-id
6yaN82fkCS5lFfpx.S.aWIsdTh9CpKm_
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
194431
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
15682
x-wix-request-id
1710743928.512115275253021232206
last-modified
Sun, 17 Mar 2024 21:34:54 GMT
server
Pepyaka/1.21.6
etag
W/"1c65dfdc791b6106235ac228ee718b09"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
1047966246
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
_JP3Vbddb8TrndCPE0LNQT978iqr3u0pS2ri-c5To5oNNRUSRNL5Vg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYQPejayJDKWwFcEqNcrrPAY
tpa.01bac9e1.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
2 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/tpa.01bac9e1.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
1e908b3b6eb76314a01faf12a0868f40c9608a0dd8754b12a45448853d34acd9

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 19:17:51 GMT
x-amz-version-id
E.MNMBE_O.EPsJa3BCS3tu0hYCtqhtGK
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
1099387
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
964
x-wix-request-id
1709839071.45173400672311286006
last-modified
Thu, 07 Mar 2024 18:38:31 GMT
server
Pepyaka/1.21.6
etag
W/"04215c5ef9f1aed48a4fccffab204f78"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
916199648 915235607
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
rfZHZXayj0QpbFdjz1bB2P5oWbrZ9ZXH0EV7O3ZZuYsjIEFP9qP69g==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd
group_11.3fa95a07.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
886 B
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_11.3fa95a07.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
87fb9b051b8b946938dee113c1eb701339ddf997be59ca5f731eb9106ddb0e46

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 19:17:51 GMT
x-amz-version-id
z82056oRUKiWx0GQi_MtwpHua5a67Sl.
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
1099387
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
533
x-wix-request-id
1709839071.37273400519821286007
last-modified
Thu, 07 Mar 2024 18:38:29 GMT
server
Pepyaka/1.21.6
etag
W/"2abdd663659ce735b3ddc631c0801789"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
107780151 108463791
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
QiAPP2T3Zb3G8Wtp6nC7t5OqPqUfaUZCGj1FHKAdO0QDjrXyoJuKcQ==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc7tnpyQ/1ThW8d6OVxL3lam8ZDY613cHYLbuhNMgAom1
rb_wixui.thunderbolt_bootstrap.4b0482d6.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/
41 KB
15 KB
Script
General
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap.4b0482d6.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.e1099503.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
fa3e37fabb2a79f31c1e1105780ee2121ffd4077830a70567930921c684574d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 06:13:16 GMT
x-amz-version-id
qRq5m7EBaSnl.W5iGQj6HeUnPMPXiQLC
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
714363
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
14073
x-wix-request-id
1710223996.53063769694241232211
last-modified
Tue, 12 Mar 2024 05:42:20 GMT
server
Pepyaka/1.21.6
etag
W/"82b584674544e4ec5d6454e53e105755"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
68386622
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
FglK30PSnciJ95lb42LO8FuI29aVbDQ8vGbnmkCLPmCJxNenw0V49w==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgnqsbGv+9JOcjxAgFkOQdj,aVxMblM8KFG3we5NLvyVc/ez+mKSicOFhmjRkkvIL6EeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoqw+VcyxNhUXA3W6z9zZRqI
rb_wixui.thunderbolt_bootstrap-classic.6dfe44eb.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/
37 KB
13 KB
Script
General
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap-classic.6dfe44eb.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.e1099503.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
a060d27f2e5d3846e3b4ffb2f8e13655213a18b317ab31162465ff90d06d41d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 19:26:26 GMT
x-amz-version-id
A0UIWyCgvI8fXzu7HPHi8oI9JfF_tRC1
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
580373
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
12536
x-wix-request-id
1710357986.817139667301231286009
last-modified
Wed, 13 Mar 2024 19:03:38 GMT
server
Pepyaka/1.21.6
etag
W/"70a100570053074f0a34f2264b45bb17"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
646014376
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
c1pk419DkbhtMxGOuCpiESFReVkJJ43o9Rrnp1ZxlibnlUp8h7nNjA==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc9FChXWD6QlpPTqglWyseEIeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYQPejayJDKWwFcEqNcrrPAY
rb_wixui.thunderbolt[SkipToContentButton].a2d57d10.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/
3 KB
2 KB
Script
General
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[SkipToContentButton].a2d57d10.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.e1099503.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
63f71023f3b6b9f39f7133f47c40bac372024142a124856036eb4fdc44e7364f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 09:37:19 GMT
x-amz-version-id
Ga5tAczB1G8olWHJzDy6kJQONxTohfHN
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
4340231
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
1228
x-wix-request-id
1706693839.4661938618778324922
last-modified
Tue, 30 Jan 2024 05:34:29 GMT
server
Pepyaka/1.19.10
etag
W/"62bf38eeb5f26768463d6a50d5235f11"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
343795978 208779938
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
0DgE1ejdEhIcB2sMLroXV-U21jwABlJ5COs1Snap7yck5NWpS5Q1QA==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczstYlvPrh50362MXOa5oWweGdLDLXwpLd0CTVHPbfOd
rb_wixui.thunderbolt[ClassicSection].97f120c5.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/
12 KB
5 KB
Script
General
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[ClassicSection].97f120c5.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.e1099503.chunk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.21.6 /
Resource Hash
7f359379dfcb52e8cb72cdcac1d17a10447f94215740e5bc050c0fad80805d18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 06:02:31 GMT
x-amz-version-id
n0EB2bc7BTtyJWKOJ3hl_itir8UDqF5C
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
542208
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
4806
x-wix-request-id
1710396151.870143061666211286005
last-modified
Thu, 14 Mar 2024 04:56:52 GMT
server
Pepyaka/1.21.6
etag
W/"c6f4505de432ec3ed94de93667fae5d4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
134518770
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
dYC9i1b2Piw5mLPCVGLcDTyPOHLQ4G0vdprrfeLNEkbfLe05SuyG1g==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMkS/rKz4Fn5ceohZ05hBF,aVxMblM8KFG3we5NLvyVc7tnpyQ/1ThW8d6OVxL3lam8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xyr8R+/hZURmNj/t5XZRPjV
widget.html
statcounter.va-endpoint.com/ Frame 7D95
234 B
761 B
Document
General
Full URL
https://statcounter.va-endpoint.com/widget.html?pageId=ebzd6&compId=comp-kiqu0mu9&viewerCompId=comp-kiqu0mu9&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=285&height=275&instance=TmSzHVhDLY_ViofBCbcYqLlS-EDoaDNcc1F3MHdU2Dg.eyJpbnN0YW5jZUlkIjoiMjY5NTNlMDAtN2ZmYi00NGYzLTg3MDktOWJkNjZjMTU3YTgyIiwiYXBwRGVmSWQiOiIxM2VlNTNiNC0yMzQzLWI2NDEtYzg0ZC0wNTZkMmU2ZWQyZTYiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/react-dom@18.2.0/umd/react-dom.production.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.8.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.8.233.167.clients.your-server.de
Software
istio-envoy / PHP/7.4.33
Resource Hash
ab85308ccf97bb7a843f82685e52130239c1793f135ef98847d91845d6599e27

Request headers

Referer
https://www.themarialeufffoundation.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Keep-Alive, X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding, X-Wix-Instance-Id, sec-ch-ua-platform, Referer, User-Agent, sec-ch-ua-mobile, sec-ch-ua, If-Modified-Since, Cache-Control
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin
*
access-control-max-age
1000
cache-control
no-cache, private
content-encoding
gzip
content-length
196
content-type
text/html; charset=UTF-8
date
Wed, 20 Mar 2024 12:39:19 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
22
x-powered-by
PHP/7.4.33
WixStatsWidget
app.ardalio.com/ Frame 6035
6 KB
3 KB
Document
General
Full URL
https://app.ardalio.com/WixStatsWidget?pageId=ebzd6&compId=comp-kirnxogj&viewerCompId=comp-kirnxogj&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=169&height=58&instance=RJrxpMBRBm6zJu35YEtmJhSnemspwHUUXldRp2MQrmU.eyJpbnN0YW5jZUlkIjoiYzNhMTBiZjEtYTRjOC00M2E0LThmNWQtMWRmMzdlMmU1MzM1IiwiYXBwRGVmSWQiOiIxMmNhMmZkNi1hNGM5LWI5MWYtYWU2Yy05NDg2OGIyYThmMWMiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/react-dom@18.2.0/umd/react-dom.production.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1becc05c52aec6b745c8970a2d4d4a4eed904746727f24652ddafb720dbcb430
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.themarialeufffoundation.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8675c3acec1d65c9-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Mar 2024 12:39:19 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3WEV73091Rrt2239BJzke%2F1PjEpHJ3kOAFspa6c1MoHcZzXnBKNpMrUwMCvP8X2Mhn15Au1EymE9P2RQh9zhr8RHzws8jOMkYL6k%2FTS2aufpxAq115smgKXqs2RAMgxYuOa21cWqvtMJIMmXlw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
ugc-viewer
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/ugc-viewer?_msid=e46a0cb6-e7fa-4131-81b4-94bdc8636288&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600&_av=thunderbolt-1.13753.0&isb=true&isbr=plugins-extra&_brandId=wix&_siteBranchId=undefined&_ms=784&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_visitorId=a1cc4857-7ac0-4d3d-a320-44e282027a01&_siteMemberId=undefined&bsi=8135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1&appId=13ee53b4-2343-b641-c84d-056d2e6ed2e6&widget_id=14b2d589-33e5-af98-ec53-a386bbb29a4f&instance_id=comp-kiqu0mu9&src=42&evid=642&tts=784&pid=ebzd6&pn=1&_isca=1&_iscf=1&_ispd=0&_ise=0&_=17109383597512
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.89e8f6cc.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:19 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
ugc-viewer
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/ugc-viewer?_msid=e46a0cb6-e7fa-4131-81b4-94bdc8636288&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600&_av=thunderbolt-1.13753.0&isb=true&isbr=plugins-extra&_brandId=wix&_siteBranchId=undefined&_ms=784&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_visitorId=a1cc4857-7ac0-4d3d-a320-44e282027a01&_siteMemberId=undefined&bsi=8135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1&appId=12ca2fd6-a4c9-b91f-ae6c-94868b2a8f1c&widget_id=12ca30a4-046f-c448-5b9b-39a197d32713&instance_id=comp-kirnxogj&src=42&evid=642&tts=784&pid=ebzd6&pn=1&_isca=1&_iscf=1&_ispd=0&_ise=0&_=17109383597513
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.89e8f6cc.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:19 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
bt
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=hit,hit_miss&dc=84&microPop=fastly_84_g&et=33&event_name=page%20interactive&is_cached=true&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=1&ita=1&msid=e46a0cb6-e7fa-4131-81b4-94bdc8636288&pid=ebzd6&pn=1&sar=1600x1200&sessionId=bb7de689-e7c6-42ac-b949-5089c70a05ad&siterev=612-__siteCacheRevision__&sr=1600x1200&st=2&ts=430&tts=794&url=https%3A%2F%2Fwww.themarialeufffoundation.com%2F&v=1.13753.0&vid=a1cc4857-7ac0-4d3d-a320-44e282027a01&bsi=8135e94c-4b13-4f3e-853b-35f40a6de6d1|1&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600&wor=1600x1200&wr=1600x1200&_brandId=wix
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:19 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
TPAWorker.d4312ae4.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/
596 B
1 KB
Script
General
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/TPAWorker.d4312ae4.chunk.min.js
Requested by
Host: www.themarialeufffoundation.com
URL: https://www.themarialeufffoundation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
d0361cc7bf24914f4a9757bc1cd9f3d0433e561684904d2d740a4e7f5023460e

Request headers

Referer
https://www.themarialeufffoundation.com/
Origin
https://www.themarialeufffoundation.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 06:37:19 GMT
x-amz-version-id
auQV4xn1aLl2lfVMTO5G9Wrj5dTEdAK6
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
age
2326594
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
365
x-wix-request-id
1708670239.7354260736896210171
last-modified
Thu, 22 Feb 2024 14:18:05 GMT
server
Pepyaka/1.19.10
etag
W/"b81b7ac40f7ab368f3ce747141414cb5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
995666497 884373775
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
afbAeiySuslCzY1Wx7o4JYOTSwcWeOb42QHSiWKdAA7ffxOv0s51zA==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd
worker
loadbalancer.visitor-analytics.io/ Frame D239
5 KB
2 KB
Document
General
Full URL
https://loadbalancer.visitor-analytics.io/worker?pageId=masterPage&compId=tpaWorker_36&viewerCompId=tpaWorker_36&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&endpointType=worker&instance=TmSzHVhDLY_ViofBCbcYqLlS-EDoaDNcc1F3MHdU2Dg.eyJpbnN0YW5jZUlkIjoiMjY5NTNlMDAtN2ZmYi00NGYzLTg3MDktOWJkNjZjMTU3YTgyIiwiYXBwRGVmSWQiOiIxM2VlNTNiNC0yMzQzLWI2NDEtYzg0ZC0wNTZkMmU2ZWQyZTYiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/react-dom@18.2.0/umd/react-dom.production.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:c2c:7a31::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
openresty /
Resource Hash
fc78921639eb6c63c17a157f6b5cefc6af91cd0054bc9260ad78e8c3b47ec55d

Request headers

Referer
https://www.themarialeufffoundation.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 20 Mar 2024 12:39:19 GMT
etag
W/"65f98497-14fb"
last-modified
Tue, 19 Mar 2024 12:27:03 GMT
server
openresty
vary
Accept-Encoding
x-cache-status
HIT
x-envoy-upstream-service-time
0
x-served-by
loadbalancer.visitor-analytics.io
WixStatsWorker
app.ardalio.com/ Frame 4087
4 KB
2 KB
Document
General
Full URL
https://app.ardalio.com/WixStatsWorker?pageId=masterPage&compId=tpaWorker_37&viewerCompId=tpaWorker_37&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&endpointType=worker&instance=RJrxpMBRBm6zJu35YEtmJhSnemspwHUUXldRp2MQrmU.eyJpbnN0YW5jZUlkIjoiYzNhMTBiZjEtYTRjOC00M2E0LThmNWQtMWRmMzdlMmU1MzM1IiwiYXBwRGVmSWQiOiIxMmNhMmZkNi1hNGM5LWI5MWYtYWU2Yy05NDg2OGIyYThmMWMiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/react-dom@18.2.0/umd/react-dom.production.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a920ddf8f05349dbf78d8f92652d73a240d7e7bda80f4c9fe7bd863a749dcb66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://www.themarialeufffoundation.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8675c3acec2065c9-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Mar 2024 12:39:19 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2FgeeuKXJiD%2BUu2p%2FrtM4iyMuCMkBjTsPoIdIGCmCU49IzDcEnWw4EV3pYRfd5F2VqwsO49%2F0rzEu8ZUixRJ%2F51ZJ%2BTN7FM69YvqAU2RG2VKGWjuDxJDXUkbBdhFD9OmoUJ%2F7iTmf6zY6qoZMw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
bulklog
panorama.wixapps.net/api/v1/
0
663 B
Ping
General
Full URL
https://panorama.wixapps.net/api/v1/bulklog
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.89e8f6cc.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.206.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
255.206.149.34.bc.googleusercontent.com
Software
Pepyaka /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themarialeufffoundation.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Mar 2024 12:39:20 GMT
via
1.1 google
x-content-type-options
nosniff
x-wix-request-id
1710938360.1855533842403226721
glb-x-seen-by
wMMTADooq5AJ3cFomJ/MuXOQWGce7NCZXKms1ErOpBs=
server
Pepyaka
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-seen-by
REmTqJKTo7BM/eF7JdTbUrxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLrnTEZLXqF/U043eYuLNtpeeE7pS3hs9mccf1NWR3eZG,jdDt270t0fniy2BugWKBrecSMOvoWpdwFgIcx9fKvvtEQfi00LSS7LJu7sdkoLsDoGBGQ9Osk/CWvwhqFE/Frw==,r6yY0ta7bIKrqK70x072lYnjqhIykGqKcuOg52/Tzg4=,ha2BjfnpoaWsa89DnyiXUKv3zLRrApVAq2Rjj0RshANYgeUJqUXtid+86vZww+nL,F++G2dpOcoOQehyAQIaV0WEndzbojrlxOsKniJG/GQiQ+/XH32UjsmVQk4DV7p8RkW6BtH/sdh1LxPrE4jXNoA==
pa
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/pa?_msid=e46a0cb6-e7fa-4131-81b4-94bdc8636288&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600&_av=thunderbolt-1.13753.0&isb=true&isbr=plugins-extra&_brandId=wix&_siteBranchId=undefined&_ms=873&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_visitorId=a1cc4857-7ac0-4d3d-a320-44e282027a01&_siteMemberId=undefined&bsi=8135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1&src=76&evid=1109&pid=ebzd6&pn=1&viewer=TB&pt=static&pa=editor&pti=ebzd6&uuid=b3010c6b-7c51-42f3-9275-563718330b4e&url=https%3A%2F%2Fwww.themarialeufffoundation.com%2F%23ce&ref=&bot=true&bl=en-US&pl=en-US%2Cen&_isca=1&_iscf=1&_ispd=0&_ise=0&_=17109383598364
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.89e8f6cc.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:19 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
wix.min.js
static.parastorage.com/services/js-sdk/1.425.0/js/ Frame 7D95
99 KB
24 KB
Script
General
Full URL
https://static.parastorage.com/services/js-sdk/1.425.0/js/wix.min.js
Requested by
Host: statcounter.va-endpoint.com
URL: https://statcounter.va-endpoint.com/widget.html?pageId=ebzd6&compId=comp-kiqu0mu9&viewerCompId=comp-kiqu0mu9&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=285&height=275&instance=TmSzHVhDLY_ViofBCbcYqLlS-EDoaDNcc1F3MHdU2Dg.eyJpbnN0YW5jZUlkIjoiMjY5NTNlMDAtN2ZmYi00NGYzLTg3MDktOWJkNjZjMTU3YTgyIiwiYXBwRGVmSWQiOiIxM2VlNTNiNC0yMzQzLWI2NDEtYzg0ZC0wNTZkMmU2ZWQyZTYiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
33c15a0d2d164ccadd0050ab3b0e65747474a8505090ff8952240a10efc9b5b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statcounter.va-endpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 19:15:23 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
1536080
x-amz-cf-pop
FRA50-C1
x-cache-status
HIT
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
24389
x-goog-meta-origin
archive-extractor
x-wix-request-id
1701634082.6973553225767316242
last-modified
Sun, 05 Apr 2020 13:06:41 GMT
server
Pepyaka/1.19.10
etag
W/"f6c88cc3372987e8617dd524cb6e7f92"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
917673026 915598074
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
RSYbZV6Ur1daHVoRjCw2dx-je6nDHd8eSWBDVMMprDYymAhMD2pylw==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd
wix.min.js
static.parastorage.com/services/js-sdk/1.537.0/js/ Frame D239
100 KB
23 KB
Script
General
Full URL
https://static.parastorage.com/services/js-sdk/1.537.0/js/wix.min.js
Requested by
Host: loadbalancer.visitor-analytics.io
URL: https://loadbalancer.visitor-analytics.io/worker?pageId=masterPage&compId=tpaWorker_36&viewerCompId=tpaWorker_36&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&endpointType=worker&instance=TmSzHVhDLY_ViofBCbcYqLlS-EDoaDNcc1F3MHdU2Dg.eyJpbnN0YW5jZUlkIjoiMjY5NTNlMDAtN2ZmYi00NGYzLTg3MDktOWJkNjZjMTU3YTgyIiwiYXBwRGVmSWQiOiIxM2VlNTNiNC0yMzQzLWI2NDEtYzg0ZC0wNTZkMmU2ZWQyZTYiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
365c579b5f25a1b0157ae3ec0a4849dc364d141a641c5e3aa3a8267286b8aae5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 10:48:57 GMT
x-amz-version-id
ys3LzRDsOQzzQWt5vTQtKJmH6kA1.Q2c
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
6044918
x-amz-cf-pop
FRA50-C1
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
22871
x-wix-request-id
1704970137.62315227005315653
last-modified
Wed, 29 Jul 2020 09:34:49 GMT
server
Pepyaka/1.19.10
etag
W/"7712dcae0e50b7d91fac1fd1dffe0568"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
48308766 1032728745
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
mVU5UQY7aaGQb6U6BXNjytTMzkQfG-E7eeA7vXujDbn4uUBxjD2VkA==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
md5.min.js
cdn.jsdelivr.net/npm/js-md5@0.7.2/src/ Frame D239
10 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/js-md5@0.7.2/src/md5.min.js
Requested by
Host: loadbalancer.visitor-analytics.io
URL: https://loadbalancer.visitor-analytics.io/worker?pageId=masterPage&compId=tpaWorker_36&viewerCompId=tpaWorker_36&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&endpointType=worker&instance=TmSzHVhDLY_ViofBCbcYqLlS-EDoaDNcc1F3MHdU2Dg.eyJpbnN0YW5jZUlkIjoiMjY5NTNlMDAtN2ZmYi00NGYzLTg3MDktOWJkNjZjMTU3YTgyIiwiYXBwRGVmSWQiOiIxM2VlNTNiNC0yMzQzLWI2NDEtYzg0ZC0wNTZkMmU2ZWQyZTYiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
819ea625864bf229a828cc19bc6076ba2882ab620bb22b05c14e1a6eb8118bdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 12:39:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30943
x-jsd-version
0.7.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220039-FRA, cache-lga21923-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"27c1-yr8Ul5yO7eG/3f+rk3svEN4s3AY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOCKjOSiRxgiR2Ob5twExtJbkDejMZOlvnNxY%2B67ms0i5O6Od2VtFKb1smBSURlJ5IqvbNIdxAV0od%2Ff3DqkMX4ZbnDOvTRtBTmfMkC5o4e4%2B%2BDjtF7f6ZA%2BZspRAGZ5vVYB1QtUvvHzFEfhprI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8675c3adafb41994-FRA
fingerprint2.min.js
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/ Frame D239
29 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/fingerprint2.min.js
Requested by
Host: loadbalancer.visitor-analytics.io
URL: https://loadbalancer.visitor-analytics.io/worker?pageId=masterPage&compId=tpaWorker_36&viewerCompId=tpaWorker_36&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&endpointType=worker&instance=TmSzHVhDLY_ViofBCbcYqLlS-EDoaDNcc1F3MHdU2Dg.eyJpbnN0YW5jZUlkIjoiMjY5NTNlMDAtN2ZmYi00NGYzLTg3MDktOWJkNjZjMTU3YTgyIiwiYXBwRGVmSWQiOiIxM2VlNTNiNC0yMzQzLWI2NDEtYzg0ZC0wNTZkMmU2ZWQyZTYiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 12:39:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
590198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9392
last-modified
Mon, 04 May 2020 16:10:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5c-72e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BDQtqWXZ%2BFAclZ3ETnXPqYGbOrB1%2BCB8fTO7b5cABEtB5GDPcFYNgKb9oFFdNzqE8%2FWEOtA1%2Fl%2BMVWVnWX4e1L9asDTomZ3OuZe7oyUv0g%2Fxt7MV7a%2Fsac7hxC0bVeE4S5Nc1mP2isRv4kljBGUx8cXT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8675c3adaf7bbb86-FRA
expires
Mon, 10 Mar 2025 12:39:19 GMT
languages-woff2.css
static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v22/ Frame 7D95
89 KB
9 KB
Stylesheet
General
Full URL
https://static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v22/languages-woff2.css
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.425.0/js/wix.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
122a0fc9d1220f03d64fc4f890db9ad34a32bb9f674adcbf5909bbc82987583a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statcounter.va-endpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 13:03:50 GMT
x-amz-version-id
yJr_HmJk62OxNMmsuWTjqMO.qOFterjc
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
5006157
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
8664
x-wix-request-id
1706101430.6351427963186624923
last-modified
Mon, 22 Jan 2024 09:00:07 GMT
server
Pepyaka/1.19.10
etag
W/"175937b2597bd916e03c7aa580de9fd7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-varnish
173044908 23795631
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
4YhO3ocT2dZj61t1l2DsdmNvlOO3aWj58YFalTtwsMSzXEbI2htLSg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
wixMadefor.css
static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v27/ Frame 7D95
13 KB
1 KB
Stylesheet
General
Full URL
https://static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v27/wixMadefor.css
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.425.0/js/wix.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
e902341813abfb0ecaa77cf2e3e4261cd0bb38c44b6f32c38f509736c1ba1973

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statcounter.va-endpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
1Of7B0QuJqYNaZmqbF2c.o1p7uQvWPCJ
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
date
Mon, 11 Mar 2024 03:58:43 GMT
age
910526
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
641
x-wix-request-id
1702421116.4464756531140531720
last-modified
Mon, 11 Dec 2023 14:17:46 GMT
server
Pepyaka/1.19.10
etag
W/"ca4ccd30279a4cebee78d0d192d7aa97"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-varnish
891860400 773691190
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
zGH44bAHcD_QzY6IbYtnvAZVdXLjniP9MIQ1D8POSHCYwAAb1-jF8A==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
focus-visible.min.js
static.parastorage.com/unpkg/focus-visible@4.1.1/dist/ Frame 7D95
3 KB
1 KB
Script
General
Full URL
https://static.parastorage.com/unpkg/focus-visible@4.1.1/dist/focus-visible.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.425.0/js/wix.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
4e128ec13619825f39e42c248e64816a5d1141ad61ec74c700e46c528859f489

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statcounter.va-endpoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:12:02 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
4861637
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
754
x-wix-request-id
1706076721.9721397900779218368
last-modified
Wed, 01 Nov 2023 20:24:31 GMT
server
Pepyaka/1.19.10
etag
W/"71959c3fba69003122e325b1d61ce944"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
147910588
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
BmbcGvHjDi8xAA7paIl_Peqvtsw7U-fr0ttWTRZs3JkbHr4bnNaziA==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoonyNuED/+UieZaPOkDEHk+
wix.min.js
static.parastorage.com/services/js-sdk/1.537.0/js/ Frame 4087
100 KB
23 KB
Script
General
Full URL
https://static.parastorage.com/services/js-sdk/1.537.0/js/wix.min.js
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/WixStatsWorker?pageId=masterPage&compId=tpaWorker_37&viewerCompId=tpaWorker_37&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&endpointType=worker&instance=RJrxpMBRBm6zJu35YEtmJhSnemspwHUUXldRp2MQrmU.eyJpbnN0YW5jZUlkIjoiYzNhMTBiZjEtYTRjOC00M2E0LThmNWQtMWRmMzdlMmU1MzM1IiwiYXBwRGVmSWQiOiIxMmNhMmZkNi1hNGM5LWI5MWYtYWU2Yy05NDg2OGIyYThmMWMiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
365c579b5f25a1b0157ae3ec0a4849dc364d141a641c5e3aa3a8267286b8aae5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 10:48:57 GMT
x-amz-version-id
ys3LzRDsOQzzQWt5vTQtKJmH6kA1.Q2c
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
6044918
x-amz-cf-pop
FRA50-C1
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
22871
x-wix-request-id
1704970137.62315227005315653
last-modified
Wed, 29 Jul 2020 09:34:49 GMT
server
Pepyaka/1.19.10
etag
W/"7712dcae0e50b7d91fac1fd1dffe0568"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
48308766 1032728745
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
e6_Azt7W7O-Mg1vDOvhuDFDqpBRbbLoWq37C-RCnmUdpzRbAjsWpGw==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
wix.min.js
static.parastorage.com/services/js-sdk/1.1120.0/js/ Frame 6035
103 KB
26 KB
Script
General
Full URL
https://static.parastorage.com/services/js-sdk/1.1120.0/js/wix.min.js
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/WixStatsWidget?pageId=ebzd6&compId=comp-kirnxogj&viewerCompId=comp-kirnxogj&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=169&height=58&instance=RJrxpMBRBm6zJu35YEtmJhSnemspwHUUXldRp2MQrmU.eyJpbnN0YW5jZUlkIjoiYzNhMTBiZjEtYTRjOC00M2E0LThmNWQtMWRmMzdlMmU1MzM1IiwiYXBwRGVmSWQiOiIxMmNhMmZkNi1hNGM5LWI5MWYtYWU2Yy05NDg2OGIyYThmMWMiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
754c04a56f230ee5b7f6708b1aa6aa3bc1bb13315e6c01c44617a09ccf88f2b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
U1a_9IlZszJmw.t1OZKen4V0rV__6mXD
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
date
Sat, 02 Mar 2024 20:16:59 GMT
age
1527740
x-amz-cf-pop
FRA50-C1
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
25620
x-wix-request-id
1701634991.93535538885417116244
last-modified
Wed, 27 Apr 2022 08:12:24 GMT
server
Pepyaka/1.19.10
etag
W/"f02c9d20c5d6b8e3fe93b0314df1dcee"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
998210574 166357614
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
Dwd4v1R5ijzSA6XB1Idul5SvGzPEiM2rc4ICBd1CvfNYJ8xn9Dlv1g==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1
languages-woff2.css
static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v22/ Frame D239
89 KB
9 KB
Stylesheet
General
Full URL
https://static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v22/languages-woff2.css
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.537.0/js/wix.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
122a0fc9d1220f03d64fc4f890db9ad34a32bb9f674adcbf5909bbc82987583a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 13:03:50 GMT
x-amz-version-id
yJr_HmJk62OxNMmsuWTjqMO.qOFterjc
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
5006158
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
8664
x-wix-request-id
1706101430.6351427963186624923
last-modified
Mon, 22 Jan 2024 09:00:07 GMT
server
Pepyaka/1.19.10
etag
W/"175937b2597bd916e03c7aa580de9fd7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-varnish
173044908 23795631
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
r79UuCEYq9GwIwwQtwQqeCiBslLjq6-9SkUt16BXAWrdqqLAVIdKgw==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
wixMadefor.css
static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v27/ Frame D239
13 KB
1 KB
Stylesheet
General
Full URL
https://static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v27/wixMadefor.css
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.537.0/js/wix.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
e902341813abfb0ecaa77cf2e3e4261cd0bb38c44b6f32c38f509736c1ba1973

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
1Of7B0QuJqYNaZmqbF2c.o1p7uQvWPCJ
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
date
Mon, 11 Mar 2024 03:58:43 GMT
age
910527
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
641
x-wix-request-id
1702421116.4464756531140531720
last-modified
Mon, 11 Dec 2023 14:17:46 GMT
server
Pepyaka/1.19.10
etag
W/"ca4ccd30279a4cebee78d0d192d7aa97"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-varnish
891860400 773691190
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
g2ymBo6ff6LLDbTz2fITdY4-K7xqFEM-VidzZ_u0MJen0WSIOSHP0Q==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
focus-visible.min.js
static.parastorage.com/unpkg/focus-visible@4.1.1/dist/ Frame D239
3 KB
1 KB
Script
General
Full URL
https://static.parastorage.com/unpkg/focus-visible@4.1.1/dist/focus-visible.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.537.0/js/wix.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
4e128ec13619825f39e42c248e64816a5d1141ad61ec74c700e46c528859f489

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:12:02 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
4861638
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
754
x-wix-request-id
1706076721.9721397900779218368
last-modified
Wed, 01 Nov 2023 20:24:31 GMT
server
Pepyaka/1.19.10
etag
W/"71959c3fba69003122e325b1d61ce944"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
147910588
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
IALsS45_lA_Syut0zoxoMUgB8l9er5cWVdThSmaoYyGiSHmjycnfbw==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoonyNuED/+UieZaPOkDEHk+
settings
visits.visitor-analytics.io/api/wix/websites/26953e00-7ffb-44f3-8709-9bd66c157a82/ Frame D239
112 B
845 B
XHR
General
Full URL
https://visits.visitor-analytics.io/api/wix/websites/26953e00-7ffb-44f3-8709-9bd66c157a82/settings
Requested by
Host: loadbalancer.visitor-analytics.io
URL: https://loadbalancer.visitor-analytics.io/worker?pageId=masterPage&compId=tpaWorker_36&viewerCompId=tpaWorker_36&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&endpointType=worker&instance=TmSzHVhDLY_ViofBCbcYqLlS-EDoaDNcc1F3MHdU2Dg.eyJpbnN0YW5jZUlkIjoiMjY5NTNlMDAtN2ZmYi00NGYzLTg3MDktOWJkNjZjMTU3YTgyIiwiYXBwRGVmSWQiOiIxM2VlNTNiNC0yMzQzLWI2NDEtYzg0ZC0wNTZkMmU2ZWQyZTYiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:1c1f:660e::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
istio-envoy /
Resource Hash
b3f3858170462b72bab278dd507f46116342803ead6067131db2bfe9c57fd358
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Wed, 20 Mar 2024 12:39:20 GMT
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-envoy-upstream-service-time
12
content-length
112
x-xss-protection
0
referrer-policy
no-referrer
server
istio-envoy
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
x-download-options
noopen
access-control-allow-origin
https://loadbalancer.visitor-analytics.io
content-type
application/json; charset=utf-8
main.js
app.ardalio.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/ Frame 93CF
Redirect Chain
  • https://app.ardalio.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://app.ardalio.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
8 KB
4 KB
Script
General
Full URL
https://app.ardalio.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/WixStatsWorker?pageId=masterPage&compId=tpaWorker_37&viewerCompId=tpaWorker_37&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&endpointType=worker&instance=RJrxpMBRBm6zJu35YEtmJhSnemspwHUUXldRp2MQrmU.eyJpbnN0YW5jZUlkIjoiYzNhMTBiZjEtYTRjOC00M2E0LThmNWQtMWRmMzdlMmU1MzM1IiwiYXBwRGVmSWQiOiIxMmNhMmZkNi1hNGM5LWI5MWYtYWU2Yy05NDg2OGIyYThmMWMiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Protocol
H3
Server
2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59266fccedc48598f7e5b755650983af35b9e6173096bf4aa793eb0f100e5f2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 12:39:20 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gAHhrO%2FcDcJ%2FdeJNy1kQCnmiPJePo2wrAiA0BR%2FAkmUpLEEsfTdHMfF%2F9fLaSczxUiD4NpRkMj4GtkUnYTW%2FJlPbbMGjXeNPKFzekNSMK%2BlUt%2FjtlDfLHexjSydhpsneTmV401U9%2BNULYBezow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8675c3b0286735fe-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 20 Mar 2024 12:39:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=73vVUDYNay27o75NncBRxpOTUqakaIgwiKx%2BvBX1ojlh9tmL4i9W2FCYX%2FM0DWFuN3%2Fv7xWSUfT4k9bvMYghQWYPlQN7Ik91E1e8cEtnkhMHoJckEuoZmb3XEBEbyXLxzt8w2drfBS4Ts3ETjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
cache-control
max-age=300, public
cf-ray
8675c3aff88565c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
languages-woff2.css
static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v22/ Frame 4087
89 KB
9 KB
Stylesheet
General
Full URL
https://static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v22/languages-woff2.css
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.537.0/js/wix.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
122a0fc9d1220f03d64fc4f890db9ad34a32bb9f674adcbf5909bbc82987583a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 13:03:50 GMT
x-amz-version-id
yJr_HmJk62OxNMmsuWTjqMO.qOFterjc
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
5006158
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
8664
x-wix-request-id
1706101430.6351427963186624923
last-modified
Mon, 22 Jan 2024 09:00:07 GMT
server
Pepyaka/1.19.10
etag
W/"175937b2597bd916e03c7aa580de9fd7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-varnish
173044908 23795631
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
OAACfXgsXYrW31DCxeZRJsUassu2F22QQKa6nYZXuWJ_EwWUglithw==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
wixMadefor.css
static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v27/ Frame 4087
13 KB
1 KB
Stylesheet
General
Full URL
https://static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v27/wixMadefor.css
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.537.0/js/wix.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
e902341813abfb0ecaa77cf2e3e4261cd0bb38c44b6f32c38f509736c1ba1973

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
1Of7B0QuJqYNaZmqbF2c.o1p7uQvWPCJ
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
date
Mon, 11 Mar 2024 03:58:43 GMT
age
910527
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
641
x-wix-request-id
1702421116.4464756531140531720
last-modified
Mon, 11 Dec 2023 14:17:46 GMT
server
Pepyaka/1.19.10
etag
W/"ca4ccd30279a4cebee78d0d192d7aa97"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-varnish
891860400 773691190
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
LrQCsCZvqDg2GFVgSCb-0P4b0NzQdsnJYtqD--8XHya2FfiOqERP8g==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
focus-visible.min.js
static.parastorage.com/unpkg/focus-visible@4.1.1/dist/ Frame 4087
3 KB
1 KB
Script
General
Full URL
https://static.parastorage.com/unpkg/focus-visible@4.1.1/dist/focus-visible.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.537.0/js/wix.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
4e128ec13619825f39e42c248e64816a5d1141ad61ec74c700e46c528859f489

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:12:02 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
4861638
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
754
x-wix-request-id
1706076721.9721397900779218368
last-modified
Wed, 01 Nov 2023 20:24:31 GMT
server
Pepyaka/1.19.10
etag
W/"71959c3fba69003122e325b1d61ce944"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
147910588
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
4pmTiH8Cq4P5dog9eQpbeGrhe5elp26oUCgZdNhzrbWmW2rLAfka5w==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoonyNuED/+UieZaPOkDEHk+
main.js
app.ardalio.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/ Frame 5873
Redirect Chain
  • https://app.ardalio.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://app.ardalio.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
8 KB
4 KB
Script
General
Full URL
https://app.ardalio.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/WixStatsWidget?pageId=ebzd6&compId=comp-kirnxogj&viewerCompId=comp-kirnxogj&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=169&height=58&instance=RJrxpMBRBm6zJu35YEtmJhSnemspwHUUXldRp2MQrmU.eyJpbnN0YW5jZUlkIjoiYzNhMTBiZjEtYTRjOC00M2E0LThmNWQtMWRmMzdlMmU1MzM1IiwiYXBwRGVmSWQiOiIxMmNhMmZkNi1hNGM5LWI5MWYtYWU2Yy05NDg2OGIyYThmMWMiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Protocol
H3
Server
2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9101c5b0efb5a0aa50caf24d17361a3120742ecbf6990aaf81fa70db28f51f97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 12:39:20 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7HF40vqkC7jYl%2Bwlz%2BDNMQVBUCt%2BK3mLpz2rR9s9fm4LZpRl4wb62isNKJHCccG2yqfNOt8Jfkly6hWy4CPpIoReydN7%2BkceM6J8%2Fp1PxOrv7%2Fspx3Sy6qJnLN6RezkMCREoLe5HlcY89yHdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8675c3b0286b35fe-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 20 Mar 2024 12:39:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BALx5EgHiugDe9B%2FqeEBQ2Ccjb2NBzz%2FIVqrbrfENRpM9xmKC1Ds0EWoBtrFt2Me%2BUXxjexbEtNxg8M7A3mZtTRWPEjiIGuoSv%2B%2B1vv%2F6jEURsr6R99X7RrF67IzZbqQQjTCrDtyVBE2B27WWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8675c3aff88765c9-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
languages-woff2.css
static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v22/ Frame 6035
89 KB
9 KB
Stylesheet
General
Full URL
https://static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v22/languages-woff2.css
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.1120.0/js/wix.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
122a0fc9d1220f03d64fc4f890db9ad34a32bb9f674adcbf5909bbc82987583a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 13:03:50 GMT
x-amz-version-id
yJr_HmJk62OxNMmsuWTjqMO.qOFterjc
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
5006158
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
8664
x-wix-request-id
1706101430.6351427963186624923
last-modified
Mon, 22 Jan 2024 09:00:07 GMT
server
Pepyaka/1.19.10
etag
W/"175937b2597bd916e03c7aa580de9fd7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-varnish
173044908 23795631
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
e4hqNAls8SPhaW-R1RK1Sw9OYncipzk__8xcrtgvcHwr0Ub2TboG7Q==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
wixMadefor.css
static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v27/ Frame 6035
13 KB
1 KB
Stylesheet
General
Full URL
https://static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/v27/wixMadefor.css
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.1120.0/js/wix.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
e902341813abfb0ecaa77cf2e3e4261cd0bb38c44b6f32c38f509736c1ba1973

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
1Of7B0QuJqYNaZmqbF2c.o1p7uQvWPCJ
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
date
Mon, 11 Mar 2024 03:58:43 GMT
age
910527
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
content-length
641
x-wix-request-id
1702421116.4464756531140531720
last-modified
Mon, 11 Dec 2023 14:17:46 GMT
server
Pepyaka/1.19.10
etag
W/"ca4ccd30279a4cebee78d0d192d7aa97"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-varnish
891860400 773691190
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
OwblINcD2L1uNkVR89i6W-J7M5S1Wuu2J6eI8FfzzmF3po97bCh7hg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1
focus-visible.min.js
static.parastorage.com/unpkg/focus-visible@4.1.1/dist/ Frame 6035
3 KB
1 KB
Script
General
Full URL
https://static.parastorage.com/unpkg/focus-visible@4.1.1/dist/focus-visible.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.1120.0/js/wix.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2156:2600:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
4e128ec13619825f39e42c248e64816a5d1141ad61ec74c700e46c528859f489

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:12:02 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
age
4861638
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
754
x-wix-request-id
1706076721.9721397900779218368
last-modified
Wed, 01 Nov 2023 20:24:31 GMT
server
Pepyaka/1.19.10
etag
W/"71959c3fba69003122e325b1d61ce944"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
x-varnish
147910588
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id
GNH_JCe-Uv4xL1MOGm7RR3TaqGFK7GUsOJGK2xh6s6iUZCVVZgy5yg==
x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoonyNuED/+UieZaPOkDEHk+
log7.js
app.ardalio.com/ Frame 4087
18 KB
5 KB
Script
General
Full URL
https://app.ardalio.com/log7.js
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/WixStatsWorker?pageId=masterPage&compId=tpaWorker_37&viewerCompId=tpaWorker_37&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&endpointType=worker&instance=RJrxpMBRBm6zJu35YEtmJhSnemspwHUUXldRp2MQrmU.eyJpbnN0YW5jZUlkIjoiYzNhMTBiZjEtYTRjOC00M2E0LThmNWQtMWRmMzdlMmU1MzM1IiwiYXBwRGVmSWQiOiIxMmNhMmZkNi1hNGM5LWI5MWYtYWU2Yy05NDg2OGIyYThmMWMiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e40f8628ff91d0ce48797958656cc78f1f17917746921ca9d6359bfbf2ea066
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 12:39:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293
cf-polished
origSize=18060
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Thu, 14 Mar 2024 15:20:42 GMT
server
cloudflare
etag
W/"468c-613a06f482d32-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZQMRvYKMJSxcKgk08asF0AmSNDWZITbdfWuBHP43o47d8PfhyVv%2FUQ%2FHFS7crmuPAZX7VuNphEepsdPPeOePh%2FXW%2FG7yYSSVSKuhldRtGHtg%2Fg%2BvDiCwRjyVqjjgx2knkY6SmvTdaJnPXvQhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=691200, must-revalidate
cf-ray
8675c3aff88965c9-FRA
log7.js
app.ardalio.com/ Frame 6035
18 KB
5 KB
Script
General
Full URL
https://app.ardalio.com/log7.js
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/WixStatsWidget?pageId=ebzd6&compId=comp-kirnxogj&viewerCompId=comp-kirnxogj&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=169&height=58&instance=RJrxpMBRBm6zJu35YEtmJhSnemspwHUUXldRp2MQrmU.eyJpbnN0YW5jZUlkIjoiYzNhMTBiZjEtYTRjOC00M2E0LThmNWQtMWRmMzdlMmU1MzM1IiwiYXBwRGVmSWQiOiIxMmNhMmZkNi1hNGM5LWI5MWYtYWU2Yy05NDg2OGIyYThmMWMiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e40f8628ff91d0ce48797958656cc78f1f17917746921ca9d6359bfbf2ea066
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 12:39:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293
cf-polished
origSize=18060
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Thu, 14 Mar 2024 15:20:42 GMT
server
cloudflare
etag
W/"468c-613a06f482d32-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3xMa%2FeHQ4U%2B2E2omwdHJiAlSNx2vKiHQYBSw3u2xDtydrzs%2F0GmE1eaegKyPzfKxFJx3I2Gzk%2FGV2FfWNOMLITjB1e7ET8TxECqhzml2HuyCwJyh8VHArjocGJnEsLW%2F6j8wgW3qf2FlZXlXIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=691200, must-revalidate
cf-ray
8675c3aff88a65c9-FRA
pulse
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/pulse
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.89e8f6cc.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarialeufffoundation.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:20 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
bpm
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/bpm
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.89e8f6cc.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarialeufffoundation.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:20 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
LogServer
app.ardalio.com/ Frame 4087
1 KB
1 KB
Fetch
General
Full URL
https://app.ardalio.com/LogServer
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/log7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f1bb1b88a071f246c950238e7224757ed8ea5f8dfa0a3f350fdea0dfbf4f966
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Mar 2024 12:39:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c5thBRkkC0YkCfCj2wJkPqb2Taoln6MjPB57eleUzWGsx9%2BjtDDmvz2nyasVpd4TvzBna1LQu6iNUFAZpAcRWXdfO0G9L9%2BjQSkMu2a247UAwRqZV1uC%2F1AbM1Cz21dNACBaD4I%2BUHSCxSrrCg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8675c3b0287735fe-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
LogServer
app.ardalio.com/ Frame 6035
2 KB
2 KB
Fetch
General
Full URL
https://app.ardalio.com/LogServer
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/log7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d3ee9e4f3f4c9050ce8b4dc4f39e2d9fde108a2325eb86d2e203b562393ceb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Mar 2024 12:39:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhUevY4PXhJT5ble1MsblfFYXx%2By6e%2FobNo1QQHf4L%2FkkrpsE2baodRS8AeA2DIqyY61pfHdSXBrJyFJ8VF%2FeZFtvWXRSjD2R76X%2BBmlRtJbV5qvsKd5jhkTz2dcs5BRGfixlYWZCF3XNnCstg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8675c3b0287835fe-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
8675c3acec2065c9
app.ardalio.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 93CF
0
603 B
XHR
General
Full URL
https://app.ardalio.com/cdn-cgi/challenge-platform/h/g/jsd/r/8675c3acec2065c9
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Mar 2024 12:39:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vVd5nhSj77ox4Ap3tnTMlD4hgLgCurGr%2FCvp1Hz8PL925iVZMxefDurVbeI5HzUco5zqqNRg2E%2FBgFl1fGmDIwms46ZFbB%2B2VHXIZCX%2BDZ%2ByZwE%2BtxIlIjQrCAvtmFvFrBtVBplXu0vDpCtSQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8675c3b0b92935fe-FRA
alt-svc
h3=":443"; ma=86400
8675c3acec1d65c9
app.ardalio.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 5873
0
599 B
XHR
General
Full URL
https://app.ardalio.com/cdn-cgi/challenge-platform/h/g/jsd/r/8675c3acec1d65c9
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Mar 2024 12:39:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gwXqGrHH0oqAiinmpctjWqZoapqN9V42zwxwJHYWUJTdZWH1vXEeopyK7Qc1y0yn%2FyhGqC6Np%2B5Pewy67zj%2FLlvSamWwaQnOxlz4HL1RhRDIZNNAXuqfSEKF%2FtGbmNSesx16uea7rYnc6KNpZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8675c3b1099735fe-FRA
alt-svc
h3=":443"; ma=86400
worker-log
visits.visitor-analytics.io/ Frame D239
182 B
919 B
XHR
General
Full URL
https://visits.visitor-analytics.io/worker-log
Requested by
Host: loadbalancer.visitor-analytics.io
URL: https://loadbalancer.visitor-analytics.io/worker?pageId=masterPage&compId=tpaWorker_36&viewerCompId=tpaWorker_36&siteRevision=612&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&endpointType=worker&instance=TmSzHVhDLY_ViofBCbcYqLlS-EDoaDNcc1F3MHdU2Dg.eyJpbnN0YW5jZUlkIjoiMjY5NTNlMDAtN2ZmYi00NGYzLTg3MDktOWJkNjZjMTU3YTgyIiwiYXBwRGVmSWQiOiIxM2VlNTNiNC0yMzQzLWI2NDEtYzg0ZC0wNTZkMmU2ZWQyZTYiLCJzaWduRGF0ZSI6IjIwMjQtMDMtMjBUMTI6Mzk6MTkuMzcwWiIsImRlbW9Nb2RlIjpmYWxzZSwiYWlkIjoiYTFjYzQ4NTctN2FjMC00ZDNkLWEzMjAtNDRlMjgyMDI3YTAxIiwic2l0ZU93bmVySWQiOiJiMzAxMGM2Yi03YzUxLTQyZjMtOTI3NS01NjM3MTgzMzBiNGUifQ&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22host%22%3A%22VIEWER%22%2C%22bsi%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%2C%22BSI%22%3A%228135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1%22%7D&currentRoute=.%2F&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:1c1f:660e::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
istio-envoy /
Resource Hash
7e352cbdcf5b85075d02666de9efd8d36ad30669dac286f5e87a2bcd49bdf1f7
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Wed, 20 Mar 2024 12:39:20 GMT
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-envoy-upstream-service-time
130
content-length
182
x-xss-protection
0
referrer-policy
no-referrer
server
istio-envoy
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
x-download-options
noopen
access-control-allow-origin
https://loadbalancer.visitor-analytics.io
content-type
application/json; charset=utf-8
bpm
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/bpm?_msid=e46a0cb6-e7fa-4131-81b4-94bdc8636288&vsi=bb5501fd-a9ef-4173-8c16-ef8ba716f600&_av=thunderbolt-1.13753.0&isb=true&isbr=plugins-extra&ts=2511&tsn=2874&dc=84&microPop=fastly_84_g&caching=hit%2Chit_miss&session_id=bb7de689-e7c6-42ac-b949-5089c70a05ad&st=2&url=https%3A%2F%2Fwww.themarialeufffoundation.com%2F%23ce&ish=true&pn=1&isFirstNavigation=true&pv=true&pageId=ebzd6&isServerSide=false&isSuccessfulSSR=true&is_lightbox=false&is_cached=true&is_sav_rollout=0&is_dac_rollout=0&v=1.13753.0&_brandId=wix&_siteBranchId=undefined&_ms=2874&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_mt_instance=S4DYH_Ricxzv9hX0Etg2IiChCnmmk0Is5zSLQDWAxOk.eyJpbnN0YW5jZUlkIjoiZTQ2YTBjYjYtZTdmYS00MTMxLTgxYjQtOTRiZGM4NjM2Mjg4IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiZTQ2YTBjYjYtZTdmYS00MTMxLTgxYjQtOTRiZGM4NjM2Mjg4Iiwic2lnbkRhdGUiOiIyMDI0LTAzLTIwVDEyOjM5OjE5LjM3MFoiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6ImExY2M0ODU3LTdhYzAtNGQzZC1hMzIwLTQ0ZTI4MjAyN2EwMSIsInNpdGVPd25lcklkIjoiYjMwMTBjNmItN2M1MS00MmYzLTkyNzUtNTYzNzE4MzMwYjRlIn0&_visitorId=undefined&_siteMemberId=undefined&src=72&evid=502&_=17109383618375&tti=383&tbt=0&iframes=4&screens=1&entryType=loaded&lcp=383&lcpSize=8118&closestId=comp-kimiss52&lcpTag=P&lcpFontClass=font_7&lcpInLightbox=false&countScripts=42&startTimeScripts=479&durationScripts=340&mttfbScripts=27&attfbScripts=30&cssResourcesScripts=&tbdScripts=422562&countImages=1&startTimeImages=636&durationImages=2&mttfbImages=186&attfbImages=186&cssResourcesImages=&tbdImages=4664&countFonts=0&duration=672&ttlb=382&dcl=519&transferSize=71004&decodedBodySize=292710&pageCaching=maybe%20CDN&isSsr=true&isWelcome=false&btype=plugins-extra&bsi=8135e94c-4b13-4f3e-853b-35f40a6de6d1%7C1&ssrDuration=444&ssrTimestamp=1710932186664&isRollout=false&isPlatformLoaded=false&maybeBot=true&cls=0&countCls=0&clsOld=0&clientType=ugc&analytics=true&_isca=1&_iscf=1&_ispd=0&_ise=1
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.89e8f6cc.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.themarialeufffoundation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:21 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
bpm
frog.wix.com/
0
264 B
Ping
General
Full URL
https://frog.wix.com/bpm
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.89e8f6cc.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.145.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-145-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.themarialeufffoundation.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.themarialeufffoundation.com
date
Wed, 20 Mar 2024 12:39:22 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| initialTimestamps string| thunderboltTag string| thunderboltVersion object| fedops function| e function| r object| viewerModel function| fetchDynamicModel object| dynamicModelPromise object| commonConfig boolean| bodyCacheable object| exclusionReason object| ssrInfo object| webpackJsonp__wix_thunderbolt_app object| fastdom object| customElementNamespace object| wixCustomElements object| __imageClientApi__ object| Sentry function| resolveExternalsRegistryPromise function| resolveExternalsRegistryModule object| externalsRegistry object| ReactDOM object| reactDOMReference object| React object| reactReference object| reactAndReactDOMLoaded function| _addWindowMessageHandler boolean| clientSideRender object| bi string| firstPageId function| _ object| longTasksPerformanceApi object| wixPerformanceMeasurements object| wix-perf-measure object| consentPolicyManager object| wixEmbedsAPI object| wixTagManager object| wixDevelopersAnalytics object| gsapVersions object| rb_wixui.thunderbolt_bootstrap-classic object| rb_wixui.thunderbolt[SkipToContentButton] object| rb_wixui.thunderbolt[ClassicSection] object| rb_wixui.thunderbolt_bootstrap

7 Cookies

Domain/Path Name / Value
www.themarialeufffoundation.com/ Name: ssr-caching
Value: cache#desc=hit#varnish=hit_miss#dc#desc=fastly_84_g
.www.themarialeufffoundation.com/ Name: hs
Value: -1499291946
.www.themarialeufffoundation.com/ Name: svSession
Value: 411da9b9664aa457cb739bdec2e0dd2f13db600cdd41bda9d4f96b6564212bef113a4956e10d7809409ef9a01fef28d41e60994d53964e647acf431e4f798bcd5b449b846d15f93de4b68a4698ada36f763e38b4ac76fe5a4554ab669abf957a49baabe5cd506a2e7d46de8951b08a2c4917d5a424c065733e06c61c20d7b7d68c9953cb781c18108c533b81162b1a8d
.www.themarialeufffoundation.com/ Name: XSRF-TOKEN
Value: 1710938359|2t7uvnsDUiRr
.www.themarialeufffoundation.com/ Name: bSession
Value: 8135e94c-4b13-4f3e-853b-35f40a6de6d1|1
.panorama.wixapps.net/ Name: XSRF-TOKEN
Value: 1710938360|TP3-1qNAoR8v
.ardalio.com/ Name: cf_clearance
Value: Dbbhslr8OaP2bFlGcg7NonW..Z5QE4fMPL9ruiCJgbo-1710938360-1.0.1.1-ueDPSm_KbG8ldR0uEIVfAwdHhwftuC2WSSW3468fvkh9.ymOWbLhVVel0N21ccp0UXuMVQFlxp6Li6PQ0uB2Mg

4 Console Messages

Source Level URL
Text
other warning URL: https://www.themarialeufffoundation.com/#ce(Line 290)
Message:
Unrecognized feature: 'vr'.
other warning URL: https://www.themarialeufffoundation.com/#ce
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.themarialeufffoundation.com/#ce
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.themarialeufffoundation.com/#ce
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.ardalio.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
frog.wix.com
loadbalancer.visitor-analytics.io
panorama.wixapps.net
siteassets.parastorage.com
statcounter.va-endpoint.com
static.parastorage.com
static.wixstatic.com
themarialeufffoundation.com
visits.visitor-analytics.io
www.themarialeufffoundation.com
107.22.145.71
167.233.8.77
185.230.63.186
2600:9000:2057:2a00:1e:5c56:d400:93a1
2600:9000:2156:2600:c:68f7:80:93a1
2600:9000:2156:4000:c:68f7:80:93a1
2606:4700:20::ac43:4890
2606:4700::6810:5614
2606:4700::6811:180e
2a01:4f8:1c1f:660e::1
2a01:4f8:c2c:7a31::1
34.149.206.255
34.149.87.45
0961654169b6d25f597e4c20355764cb7ca372f6e023054c3fd529ca48c2c8d2
122a0fc9d1220f03d64fc4f890db9ad34a32bb9f674adcbf5909bbc82987583a
15d3ee9e4f3f4c9050ce8b4dc4f39e2d9fde108a2325eb86d2e203b562393ceb
1903f5c41b30a5798edd7e483772413c551b12e81e2a943cf6f8a2ac6e543da5
19bba7006f333b101a55c4e4cd21ec968c10e93faf26fbc3ab39531f636a5e38
1becc05c52aec6b745c8970a2d4d4a4eed904746727f24652ddafb720dbcb430
1cc5b87ee0d039b1c3477cf013e42be34575f08586c5dc413a9708c48b2d710a
1e908b3b6eb76314a01faf12a0868f40c9608a0dd8754b12a45448853d34acd9
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
226680fb3c87df3d0b412f199089f4022314de5b6809ad148b460340b8bb70b9
2877a471a18187f26a9fe2e39b892a5f46fe9e43d545ee256e3a06adb282066a
2c7e13472bc9fbc04647d4abfaccbac54065ff2a9409dc6a043dbb89396f72ec
2cb1ae053af8e01c12f0cc646803f590b7f615ea2fc4e034229ae511ab93965b
2ed709f59204f0fd94c705b0248e48113397d4a0e602a8ebed4d00308f660644
30534d3328a724a02358f40d5d388932d0041cc54d6e1caa3b52e8f76901397e
33c15a0d2d164ccadd0050ab3b0e65747474a8505090ff8952240a10efc9b5b7
348ea4a55e560fe9912b907f59e7046474c125003da22f0bf5a52f3d8e49a34c
365c579b5f25a1b0157ae3ec0a4849dc364d141a641c5e3aa3a8267286b8aae5
395308d279f3b5eed27347bbaa7679581e60e8acf30f152799cb0c5139e042e4
3a202a160846a0690438970722cd94ae3f65fbda690231b1c3f08ff115654468
3c1e45dee94118b77b8ba3ce1ef5502e26b040731c812c4ef5182c3d294b3031
3f1bb1b88a071f246c950238e7224757ed8ea5f8dfa0a3f350fdea0dfbf4f966
40dcd2c4ddada8144a373cd0625362ff867cca04505316608fb865a92b9398e2
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
4e128ec13619825f39e42c248e64816a5d1141ad61ec74c700e46c528859f489
511fff3b7473322e34b5dcd60d6248ed20172a86ee10d2cd642c88c191f2cea3
561a777615de8dc4265ee0f9d24d045e83008f4776acb5c6eb045b7edaf96400
59266fccedc48598f7e5b755650983af35b9e6173096bf4aa793eb0f100e5f2e
63f71023f3b6b9f39f7133f47c40bac372024142a124856036eb4fdc44e7364f
667c0a09c28ae0106b4d2e55c84dcaf606746016ca15416e1a004fad51127601
70fbc90b582e908639dc2c2979b96dd427a944381d5a8591da1c3ac50ee18988
7324735870b174ca94fad989d7ec7c3d077dfafd31c6e31f233470c6e4e95530
73ba326e2ff42569133834f9069a6e0afde06e28c2f7e90e96a75d4881eb1d8f
73ef2946715b97df12bf2413670716f679a73707c3c398494e20d4b707a26066
754c04a56f230ee5b7f6708b1aa6aa3bc1bb13315e6c01c44617a09ccf88f2b5
79921886b495861255a4baa3b744751396c0da5f696ae451c8b2c2316494127e
7a7b57eba15f7ee959e02bf637eab525dc3682216cb4a6af0579e25061df9f18
7e352cbdcf5b85075d02666de9efd8d36ad30669dac286f5e87a2bcd49bdf1f7
7f359379dfcb52e8cb72cdcac1d17a10447f94215740e5bc050c0fad80805d18
7fa756930dd54e07205fec5b9ccee88e3c98fc5954a01e3746f4d5d2d678ccf9
819ea625864bf229a828cc19bc6076ba2882ab620bb22b05c14e1a6eb8118bdc
86e9b3587c8419756abe19dac3aa42a054d28b11f56d27912acfb2053781df82
87f0df6a5c9655d101ce649fa60ffb0653381455c47000712faf85763ebc90fc
87fb9b051b8b946938dee113c1eb701339ddf997be59ca5f731eb9106ddb0e46
9101c5b0efb5a0aa50caf24d17361a3120742ecbf6990aaf81fa70db28f51f97
987a9d894990385b9fdfa4efb70fdff4ec178d6a5de685bdebc7ab6488e93bdc
9d045df345296df2881cb17f54fcdafd432bfc5431422395f2f4d27c1531adc8
9e40f8628ff91d0ce48797958656cc78f1f17917746921ca9d6359bfbf2ea066
a060d27f2e5d3846e3b4ffb2f8e13655213a18b317ab31162465ff90d06d41d6
a2fc5e3b742533fddd94d3e1b1f7a813561299440a628bbd3cce0326f48dba50
a748fc128e728ddf6980100bec1a3dcfb8ac299417baa3ddc2703a977d9afaec
a920ddf8f05349dbf78d8f92652d73a240d7e7bda80f4c9fe7bd863a749dcb66
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
ab85308ccf97bb7a843f82685e52130239c1793f135ef98847d91845d6599e27
acc46501ac7d558c00d924dc9bab9731acb0dfa24e64f24094356815d08722e7
adc13eab2d6fb540a9f9fa1f68d4c87e4c5b7a1316caf5ca3728b473ffc9ad8a
b3f3858170462b72bab278dd507f46116342803ead6067131db2bfe9c57fd358
bd55a3af5a80061d86849db6094454bb295e9be770d104e0654f6aef5365840d
c8f9a7c164fb79e848b12f9a6b19873825242eb1bd2f2b648d463346a410588a
cc0e6dc9e6a432667b502cce543213dda525efd42d773dbfff6e5711b9888f57
cd26ff045f5eb6f03115c5aeead286f8c805b3dbdf076d8c03432cf7239726a6
cffd585fcd0c75b1008fe6c9f7c005f1c3ef40ebd630ddc6fc00794b4aa2d911
d0361cc7bf24914f4a9757bc1cd9f3d0433e561684904d2d740a4e7f5023460e
d0e6054d7b47b8de059e88c419a16a3e745e038b05b75af9d57c2e8593bd1d78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e902341813abfb0ecaa77cf2e3e4261cd0bb38c44b6f32c38f509736c1ba1973
f3e2e5fc89074f136430ab99d72836e2b07d4da7284e71cb88dbe9f3f60bcd92
f72f35ae9bb8d45449f519794d2dcc65a497cad21f14bc9bd9888df5aab4e540
fa3e37fabb2a79f31c1e1105780ee2121ffd4077830a70567930921c684574d4
fc78921639eb6c63c17a157f6b5cefc6af91cd0054bc9260ad78e8c3b47ec55d
fe3abc951beadea7e741eff394b22b2d7d544603e070cd5dec2437cf65c7a303