urlscan.io logo urlscan.io
SecurityTrails logo

ncaforkids.wufoo.com Open in urlscan Pro
18.239.94.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ncaforkids.wufoo.com/
Effective URL: https://ncaforkids.wufoo.com/login/
Submission: On October 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 20 domains to perform 59 HTTP transactions. The main IP is 18.239.94.22, located in United States and belongs to AMAZON-02, US. The main domain is ncaforkids.wufoo.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 13th 2023. Valid for: a year.
This is the only time ncaforkids.wufoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 18.239.94.81 16509 (AMAZON-02)
1 3 18.239.94.22 16509 (AMAZON-02)
11 2606:4700:440... 13335 (CLOUDFLAR...)
1 65.9.95.42 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.95.62 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 108.138.15.119 16509 (AMAZON-02)
7 151.101.2.133 54113 (FASTLY)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 35.71.131.137 16509 (AMAZON-02)
1 52.209.230.23 16509 (AMAZON-02)
1 3 142.250.74.198 15169 (GOOGLE)
1 3.248.57.202 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 35.80.211.65 16509 (AMAZON-02)
59 25
13    18.239.94.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-81.ams1.r.cloudfront.net
ncaforkids.wufoo.com
static.wufoo.com
3    18.239.94.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-22.ams1.r.cloudfront.net
ncaforkids.wufoo.com
11    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ukwest.onetrust.com
geolocation.onetrust.com
1    65.9.95.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-42.prg50.r.cloudfront.net
cdn.signalfx.com
1    2600:9000:2127:4c00:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.ywxi.net
1    2600:9000:2127:7800:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    65.9.95.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-62.prg50.r.cloudfront.net
tracker.marinsm.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a02:26f0:480:3::210:ee91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
7    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700:10::ac43:5d8 (United States)

ASN13335 (CLOUDFLARENET, US)
rum-static.pingdom.net
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
1    52.209.230.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-230-23.eu-west-1.compute.amazonaws.com
beacon.krxd.net
3    142.250.74.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
3782466.fls.doubleclick.net
1    3.248.57.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-57-202.eu-west-1.compute.amazonaws.com
rum-collector-2.pingdom.net
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    35.80.211.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-211-65.us-west-2.compute.amazonaws.com
rum-ingest.us1.signalfx.com
Apex Domain
Subdomains		 Transfer
16 wufoo.com
ncaforkids.wufoo.com
static.wufoo.com — Cisco Umbrella Rank: 43695
862 KB
11 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 6542
geolocation.onetrust.com — Cisco Umbrella Rank: 655
160 KB
8 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 3963
consumer.krxd.net — Cisco Umbrella Rank: 9857
beacon.krxd.net — Cisco Umbrella Rank: 903
182 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 416
www.linkedin.com — Cisco Umbrella Rank: 708
px4.ads.linkedin.com — Cisco Umbrella Rank: 6066
5 KB
3 doubleclick.net
3782466.fls.doubleclick.net — Cisco Umbrella Rank: 578382
1 KB
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1808
insight.adsrvr.org — Cisco Umbrella Rank: 665
3 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 427
14 KB
2 pingdom.net
rum-static.pingdom.net — Cisco Umbrella Rank: 6368
rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5716
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
90 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 981
19 KB
2 signalfx.com
cdn.signalfx.com — Cisco Umbrella Rank: 15767
rum-ingest.us1.signalfx.com — Cisco Umbrella Rank: 10031
39 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 13042
623 B
1 google.com
adservice.google.com — Cisco Umbrella Rank: 118
664 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
185 B
1 marinsm.com
tracker.marinsm.com — Cisco Umbrella Rank: 28533
322 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
98 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
11 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 405
31 KB
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 4597
11 KB
1 ywxi.net
cdn.ywxi.net — Cisco Umbrella Rank: 12263
8 KB
59 20
Domain Requested by
12 static.wufoo.com ncaforkids.wufoo.com
static.wufoo.com
10 cdn-ukwest.onetrust.com ncaforkids.wufoo.com
cdn-ukwest.onetrust.com
cdn.signalfx.com
5 cdn.krxd.net ncaforkids.wufoo.com
cdn.krxd.net
4 px.ads.linkedin.com 3 redirects cdn.signalfx.com
4 ncaforkids.wufoo.com 2 redirects cdn.signalfx.com
3 3782466.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
ncaforkids.wufoo.com
2 insight.adsrvr.org js.adsrvr.org
3782466.fls.doubleclick.net
2 consumer.krxd.net cdn.krxd.net
2 connect.facebook.net ncaforkids.wufoo.com
connect.facebook.net
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
1 rum-ingest.us1.signalfx.com cdn.signalfx.com
1 adservice.google.de 1 redirects
1 adservice.google.com 3782466.fls.doubleclick.net
1 rum-collector-2.pingdom.net cdn.signalfx.com
1 beacon.krxd.net cdn.krxd.net
1 rum-static.pingdom.net ncaforkids.wufoo.com
1 www.facebook.com ncaforkids.wufoo.com
1 px4.ads.linkedin.com ncaforkids.wufoo.com
1 www.linkedin.com 1 redirects
1 js.adsrvr.org www.googletagmanager.com
1 tracker.marinsm.com www.googletagmanager.com
1 www.googletagmanager.com ncaforkids.wufoo.com
1 geolocation.onetrust.com cdn-ukwest.onetrust.com
1 cdn.jsdelivr.net ncaforkids.wufoo.com
1 ajax.googleapis.com ncaforkids.wufoo.com
1 www.dwin1.com ncaforkids.wufoo.com
1 cdn.ywxi.net ncaforkids.wufoo.com
1 cdn.signalfx.com ncaforkids.wufoo.com
59 29
Subject Issuer Validity Valid
wufoo.co.uk
Amazon RSA 2048 M01		 2023-07-13 -
2024-08-11		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-10-08 -
2024-10-07		 a year crt.sh
*.signalfx.com
Go Daddy Secure Certificate Authority - G2		 2022-11-09 -
2023-12-11		 a year crt.sh
*.ywxi.net
Amazon RSA 2048 M02		 2023-06-05 -
2024-07-03		 a year crt.sh
*.dwin1.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.marinsm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-04-09		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-29 -
2023-10-27		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-09		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-09		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
pingdom.net
Cloudflare Inc ECC CA-3		 2023-10-14 -
2024-10-13		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.pingdom.net
Amazon RSA 2048 M01		 2023-02-10 -
2023-12-20		 10 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.us1.signalfx.com
Go Daddy Secure Certificate Authority - G2		 2023-08-31 -
2024-10-01		 a year crt.sh

This page contains 6 frames:

Primary Page: https://ncaforkids.wufoo.com/login/
Frame ID: CB0D785ABA97F67B65ACA32F3D9C2C74
Requests: 50 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 64BC82ED900D12521A7E04C183633A7D
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=7qm6jp1&ref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&upid=moixee0&upv=1.1.0
Frame ID: 091E3DF3E95A0369EEFCBC9833E385A3
Requests: 1 HTTP requests in this frame

Frame: https://3782466.fls.doubleclick.net/activityi;dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F
Frame ID: 9A92A41AF3A4EA86ECD3E88205113606
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F
Frame ID: 0C18A9F4F7973C8D9A0BE2E39AB07D62
Requests: 1 HTTP requests in this frame

Frame: https://3782466.fls.doubleclick.net/ddm/fls/r/dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F
Frame ID: B43F0AB275B6631CC4D9EA9D090E627A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wufoo · LoginBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://ncaforkids.wufoo.com/ HTTP 301
    https://ncaforkids.wufoo.com/ HTTP 301
    https://ncaforkids.wufoo.com/login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • dwin1\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

59
Requests

98 %
HTTPS

54 %
IPv6

20
Domains

29
Subdomains

25
IPs

3
Countries

1532 kB
Transfer

3220 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ncaforkids.wufoo.com/ HTTP 301
    https://ncaforkids.wufoo.com/ HTTP 301
    https://ncaforkids.wufoo.com/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2811&time=1697737984003&url=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2811&time=1697737984003&url=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2811%26time%3D1697737984003%26url%3Dhttps%253A%252F%252Fncaforkids.wufoo.com%252Flogin%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2811&time=1697737984003&url=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2811&time=1697737984003&url=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&cookiesTest=true&liSync=true&e_ipv6=AQK4trFh0PjKEQAAAYtJEcpQG1zzkZBySIRkCRIUJlml5mOlZsSILYV0kWbaf5NPv7RAb6O9fBnK-CO1vqRhr5yC0xzW
Request Chain 52
  • https://3782466.fls.doubleclick.net/activityi;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F HTTP 302
  • https://3782466.fls.doubleclick.net/activityi;dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F
Request Chain 55
  • https://adservice.google.de/ddm/fls/i/dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F HTTP 302
  • https://3782466.fls.doubleclick.net/ddm/fls/r/dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ncaforkids.wufoo.com/login/
Redirect Chain
  • http://ncaforkids.wufoo.com/
  • https://ncaforkids.wufoo.com/
  • https://ncaforkids.wufoo.com/login/
27 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncaforkids.wufoo.com/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-22.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
dd3bd6248a094b72c4e75295cedd2070e235056cd3138a3854a5961d45645b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 19 Oct 2023 17:53:02 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Via
1.1 73bf4f8a14baf53971357e0a4893be3e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
amktdo3vM75qiGml0uHJIr35q7L4Lgo4pqbpeQgBGze8296AWdCajA==
X-Amz-Cf-Pop
AMS1-P3
X-Cache
Miss from cloudfront
X-Frame-Options
SAMEORIGIN

Redirect headers

Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Thu, 19 Oct 2023 17:53:01 GMT
Location
https://ncaforkids.wufoo.com/login/
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 73bf4f8a14baf53971357e0a4893be3e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
56dLFn4Jv3sTKkEveeZdEf8-deOAJvUCAYMaSTqSUUBU6ddKuYkUuQ==
X-Amz-Cf-Pop
AMS1-P3
X-Cache
Miss from cloudfront
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Oct 2023 17:53:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
HAfQnQ1aKA6QX2rlLtw0Ew==
age
43297
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6821
x-ms-lease-status
unlocked
last-modified
Wed, 18 Oct 2023 11:34:19 GMT
server
cloudflare
etag
0x8DBCFCE2B3489BD
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4cadf4aa-401e-004c-7e50-02e384000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
818ae0d7ba7f2bb8-FRA
expires
Fri, 20 Oct 2023 17:53:02 GMT
wufoo-mixpanel-onetrust.js
static.wufoo.com/assets/js/vendor/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/assets/js/vendor/wufoo-mixpanel-onetrust.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-81.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
71d04ba9d5bbd226ef48e7d1e8a5c4ea374b74556178a4fe772aee3fbaefa602
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 0ce4e0ab92519d33ff3c6cca42806b7e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Server
nginx/1.22.0
ETag
e9eabb7d7cb52efcb26fefcf3f9fa40c
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600; must-revalidate
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
VV94HtntSDWsinwXbVJFSZhkxHlcd7aWjMi5R7UrOvAN1JwpZ544Bg==
splunk-otel-web.js
cdn.signalfx.com/o11y-gdi-rum/latest/ 		166 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-42.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17b2a47720dd8abed7db78358e56d8b6fd5063cc18d9badafb8fd1cd49c14311

Request headers

Referer
https://ncaforkids.wufoo.com/
Origin
https://ncaforkids.wufoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 17:53:04 GMT
content-encoding
br
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 17 Oct 2023 13:52:35 GMT
server
AmazonS3
etag
W/"60d22480807c67256f4d1487eaf26779"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
C5KBV-0Y4pEdC6DOWz9MdOahi2xZYqWnbNoktNdDtzVHsWhZjt31wA==
main.0688.css
static.wufoo.com/assets/css/ 		228 KB
229 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/assets/css/main.0688.css
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-81.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
be10996fa36b248225e9fe38d204b3663f97c5edb7008e8cfbb9dce92534dbe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 cec0e64209a322f193c5e90a44c7fc7e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Server
nginx/1.22.0
ETag
77ebe5f4213050df0b833114571e73c5
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600; must-revalidate
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
3zT8oUH51LSYIXOBJ88mbuzm9Mj7_nydMLq5X9Aac_YKmjppQ5RJnw==
fonts.css
static.wufoo.com/assets/css/ 		752 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/assets/css/fonts.css
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-81.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
5a20ecd495775b81544092cbae4f1d376c1cd3a201475c877ddd0683faa17c90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 ff78b299270b99e41cda1a1252610524.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Server
nginx/1.22.0
ETag
5e80edd5eaadeede31755ac8c97c4bbb
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600; must-revalidate
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
fjDfrLzjZ4lXBEZMMauSr8xYnvrS79fUdliFLmrOYao352-GVg_Afw==
logo.svg
static.wufoo.com/assets/images/logos/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wufoo.com/assets/images/logos/logo.svg
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-81.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
502823baad943ddb6f57a3528fe91d5c61bd91f6ee77b859af8a8201defb71c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Via
1.1 7cbec639ed3557aac04425ec5a5f177a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Wed, 18 Oct 2023 17:59:21 GMT
Server
nginx/1.22.0
ETag
W/"65301cf9-2bae"
Vary
Accept-Encoding
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
RH3AB0xRd9_ULflT552EfYEOgHcfw9M6TNSctXCuhqCjbKVPg8GUPw==
img-bbb3-cert.png
static.wufoo.com/images/partners/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wufoo.com/images/partners/img-bbb3-cert.png
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-81.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
b71b51326b27eef47d4eaef3b6d186e74d994af7f6e1959b707d2c2375955682
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 ed52b6cbe30df623c9ae923641ddf518.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
9888
Last-Modified
Wed, 18 Oct 2023 17:59:21 GMT
Server
nginx/1.22.0
ETag
"65301cf9-26a0"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
qS8vzvWbVufCuv0piYlrzgsIO_Es85k_yMv_uZ7cVpEaMqoQoC715A==
202.svg
cdn.ywxi.net/meter/wufoo.com/ 		19 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ywxi.net/meter/wufoo.com/202.svg
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4c00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 17:45:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
446
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache
Hit from cloudfront
content-length
7295
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-trace
2B4433677F8FBC96EF7BC30C2CB90127795913798B000000000000000000
content-type
image/svg+xml
cache-control
public
x-amz-cf-id
fUQdPJvgwMcAigRNmjSf9V6VGnsWUAX6KKoshTzIqcJWgxep3t8PyQ==
expires
Thu, 19 Oct 2023 18:45:37 GMT
19038.js
www.dwin1.com/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/19038.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:7800:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b04d72546f3d807901ac18982112fcf6c50c115095f76755040cd6be758599a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
zR32WRrkE_nbij0xnr90P7uyNi3RXSM2
content-encoding
gzip
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
date
Thu, 19 Oct 2023 17:44:28 GMT
x-amz-cf-pop
PRG50-C1
age
515
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 May 2023 10:09:50 GMT
server
AmazonS3
etag
W/"9575e6eeef2b4a42e72a0401cbc03c24"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
3_owG4UZN8ii9fF8quSwZl2TsHxOXVClzn2-L8E4t8m9-ONyM5omAw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 16:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Oct 2024 16:19:17 GMT
dynamic.0688.js
static.wufoo.com/scripts/static/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/scripts/static/dynamic.0688.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-81.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
a8cc975429fdfabd491d3ce1513e86866880dcd5d2208eb88565c78382c5e593
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 ed52b6cbe30df623c9ae923641ddf518.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Wed, 18 Oct 2023 21:11:41GMT
Server
nginx/1.22.0
ETag
064cbd50504dbe52a0bf01da0c51aec8
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600; must-revalidate
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
W7U5HC6jQncRo0_HFB8qu0A7mVYrvfoUhh_lFV5rPqRajbxPA5fqjA==
vendor.0688.js
static.wufoo.com/assets/js/vendor/ 		69 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/assets/js/vendor/vendor.0688.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-81.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
ec4776c76762e39b3eb9d72f0830f6b13de7b15394c7c1266c5b498b9424e999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 ff78b299270b99e41cda1a1252610524.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Server
nginx/1.22.0
ETag
2e652985ba1cb4088dbe04e8ca8e3196
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600; must-revalidate
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
9PuTCw30yuH45lem5HACkCfPcU9TnN1t_T8qL1w68fBTbol67ghsMg==
bundle.0688.js
static.wufoo.com/assets/js/ 		21 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/assets/js/bundle.0688.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-81.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
1ce20c94aee3323d1bdb5c001f4b6381d9145aae176800d7a2d9ad8918a27deb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 ed52b6cbe30df623c9ae923641ddf518.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Server
nginx/1.22.0
ETag
6f444967465b2d2ce3aa963c0ef398d5
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600; must-revalidate
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
piQyyXXyvoNQFwuvYkZfwlzaycm9zqX4vjWps9twHnKBR0IpjCMZqA==
mainLogin.0688.js
static.wufoo.com/assets/js/pages/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/assets/js/pages/mainLogin.0688.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-81.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
45975fb6551e9701196b8964576ce62ee10901a761cd224c799dff4b44af18dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 ff78b299270b99e41cda1a1252610524.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Server
nginx/1.22.0
ETag
dc32a32f8ae83ad7b5bc49fda730ef13
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600; must-revalidate
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
celu6s3KzfDcBn9yshN8zpyXxet3zyds7R8F3e8krqKZfQ4j2LTDFQ==
slick.min.js
cdn.jsdelivr.net/jquery.slick/1.6.0/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.min.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 17:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20683165
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230080-FRA, cache-jnb7024-JNB
server
cloudflare
etag
W/"a3e1-6fy8xPpwy6CTuB2YKht4UJQUzvc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Dk4v2TcHGmW%2BTHja4XFGR84L8twkc6fM1EJt6s7r0X8u%2BvPNjriNOa%2BOo09MAOivzCJSxkbRuGuBQCge6SkBilrKRJMXu79%2BN0GUC93bmfqZ41WlmONQkvcqYiGkb3K5tm3fIZDt603C8nZIMA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
818ae0dbfb632bcb-FRA
86f42b6d-7a31-469c-804c-319643173d42.json
cdn-ukwest.onetrust.com/consent/86f42b6d-7a31-469c-804c-319643173d42/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/86f42b6d-7a31-469c-804c-319643173d42/86f42b6d-7a31-469c-804c-319643173d42.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9f658664452831298032854735d874069c7ccf3cc7f0aafe9d6dca0b9cd7de7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Oct 2023 17:53:02 GMT
content-encoding
gzip
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
Jx/vFKuAbSkcU0LZBVKGnQ==
content-length
1825
x-ms-lease-status
unlocked
last-modified
Tue, 17 Oct 2023 17:19:12 GMT
server
cloudflare
etag
0x8DBCF352E7D8A73
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
58e0ab31-701e-0022-28b5-024aad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
818ae0d82bd89110-FRA
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		66 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://ncaforkids.wufoo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 17:53:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
818ae0d8ac759110-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/202309.1.0/ 		424 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/202309.1.0/otBannerSdk.js
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Oct 2023 17:53:03 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
wp4bduWb8cLN8oREjFODhQ==
age
43229
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
104423
x-ms-lease-status
unlocked
last-modified
Thu, 28 Sep 2023 05:10:29 GMT
server
cloudflare
etag
0x8DBBFE13BF2B5C7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c54444d0-301e-0025-6586-f6bc28000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
818ae0dcd98b2bb8-FRA
expires
Fri, 20 Oct 2023 17:53:03 GMT
logo.svg
static.wufoo.com/assets/images/logos/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wufoo.com/assets/images/logos/logo.svg
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-81.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
502823baad943ddb6f57a3528fe91d5c61bd91f6ee77b859af8a8201defb71c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Via
1.1 ff78b299270b99e41cda1a1252610524.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Wed, 18 Oct 2023 17:59:21 GMT
Server
nginx/1.22.0
ETag
W/"65301cf9-2bae"
Vary
Accept-Encoding
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
whDiFPZVUzdVM8ru1Z2U2v_cNKZpWa-k_UmCo97keEBAEJGSeHOAuQ==
National2Web-Regular.woff2
static.wufoo.com/assets/fonts/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/assets/fonts/National2Web-Regular.woff2
Requested by
Host: static.wufoo.com
URL: https://static.wufoo.com/assets/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-81.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
c7e022d03458278aabb7ce6892ddeef5736041de037d0d64adedc2eb1d82850b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static.wufoo.com/assets/css/fonts.css
Origin
https://ncaforkids.wufoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 c00e79984dfec6a6601fb861a1d8d5e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
34775
Last-Modified
Wed, 18 Oct 2023 17:59:21 GMT
Server
nginx/1.22.0
ETag
"65301cf9-87d7"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
-1afrQ8c08ARezj8hV1Z2jLf5t44Fg--vUr0W4EILUz324IWiEYG3w==
index.php
ncaforkids.wufoo.com/json/country-info/ 		380 KB
381 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ncaforkids.wufoo.com/json/country-info/index.php
Requested by
Host: cdn.signalfx.com
URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-22.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
54ad895c943daa7289078398b3690f937264c28cb0be673b79c367712c07395b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ncaforkids.wufoo.com/login/
X-Requested-With
XMLHttpRequest
traceparent
00-e98b048b6af0d1a10d2942006832665f-77ee5b4f55de6d45-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 73bf4f8a14baf53971357e0a4893be3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Pragma
public
Server
nginx/1.22.0
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, post-check=0, pre-check=0, private
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
G3-uKDsLOEMxlQn3hyBzb4iodQqC7Z3rHyopTa6G8q053qit9tNTNw==
Expires
0
en.json
cdn-ukwest.onetrust.com/consent/86f42b6d-7a31-469c-804c-319643173d42/09011ced-ecb6-4fa7-bd0b-30149d23ca54/ 		104 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/86f42b6d-7a31-469c-804c-319643173d42/09011ced-ecb6-4fa7-bd0b-30149d23ca54/en.json
Requested by
Host: cdn.signalfx.com
URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27048a8d907280584aae07643a4ab4e7b107273039707faa01ad6ecbcd11b09f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Oct 2023 17:53:03 GMT
content-encoding
gzip
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
BvDhMCJbG8W2pBV8czTlIA==
content-length
22605
x-ms-lease-status
unlocked
last-modified
Tue, 17 Oct 2023 17:19:28 GMT
server
cloudflare
etag
0x8DBCF3538011E05
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
58e0ad69-701e-0022-33b5-024aad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
818ae0dd69d29110-FRA
otCenterRounded.json
cdn-ukwest.onetrust.com/scripttemplates/202309.1.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/202309.1.0/assets/otCenterRounded.json
Requested by
Host: cdn.signalfx.com
URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Oct 2023 17:53:03 GMT
content-encoding
gzip
cf-cache-status
MISS
content-md5
c7b+hjqfDuefuY+DopxtYA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2626
x-ms-lease-status
unlocked
last-modified
Thu, 28 Sep 2023 05:10:22 GMT
server
cloudflare
etag
0x8DBBFE1378050D0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b60b4153-201e-0057-2cb5-02cd16000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
818ae0ddea629110-FRA
expires
Fri, 20 Oct 2023 17:53:03 GMT
otPcCenter.json
cdn-ukwest.onetrust.com/scripttemplates/202309.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/202309.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.signalfx.com
URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Oct 2023 17:53:03 GMT
content-encoding
gzip
cf-cache-status
MISS
content-md5
Xznrm5/jaKmHSjGeIIkHOA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12708
x-ms-lease-status
unlocked
last-modified
Thu, 28 Sep 2023 05:10:23 GMT
server
cloudflare
etag
0x8DBBFE1387F5C25
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
90e657af-f01e-0011-30b5-021380000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
818ae0ddea649110-FRA
expires
Fri, 20 Oct 2023 17:53:03 GMT
otCommonStyles.css
cdn-ukwest.onetrust.com/scripttemplates/202309.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/202309.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.signalfx.com
URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Oct 2023 17:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
MISS
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status
unlocked
last-modified
Thu, 28 Sep 2023 05:10:36 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
a0f067ce-701e-0000-38b5-02249b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
818ae0ddea659110-FRA
expires
Fri, 20 Oct 2023 17:53:03 GMT
National2Web-Medium.woff2
static.wufoo.com/assets/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/assets/fonts/National2Web-Medium.woff2
Requested by
Host: static.wufoo.com
URL: https://static.wufoo.com/assets/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-81.ams1.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
9d1ac6865e4ba78d64acb5316f123a17a0840cbd8439415a8a66440697524e99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static.wufoo.com/assets/css/fonts.css
Origin
https://ncaforkids.wufoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 17:53:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
37339
Last-Modified
Wed, 18 Oct 2023 17:59:21 GMT
Server
nginx/1.22.0
ETag
"65301cf9-91db"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type, authorization
X-Amz-Cf-Id
o5VNV-DmGqYHj_rOHaIDUELE-GowrCZpDJRRXCAPErHirgao6cuJ0g==
ot_guard_logo.svg
cdn-ukwest.onetrust.com/logos/static/ 		497 B
488 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.signalfx.com
URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Oct 2023 17:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
MISS
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Wed, 18 Oct 2023 11:34:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
2066dee9-801e-0037-5eb5-028834000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
818ae0de7ad59110-FRA
expires
Fri, 20 Oct 2023 17:53:03 GMT
gtm.js
www.googletagmanager.com/ 		303 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHFHR69
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a177a146143cddbfff33bd05a0d016fa0baf8b4f990dbe71a8695fb1e2e82b46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 17:53:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99776
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 16:29:58 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 17:53:03 GMT
ot_company_logo.png
cdn-ukwest.onetrust.com/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ukwest.onetrust.com/logos/static/ot_company_logo.png
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Oct 2023 17:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
43204
content-length
4036
x-ms-lease-status
unlocked
last-modified
Wed, 18 Oct 2023 11:34:23 GMT
server
cloudflare
etag
0x8DBCFCE2D94B50E
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
4d42cf0a-301e-0061-2650-026044000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
818ae0de8c6e2bb8-FRA
expires
Fri, 20 Oct 2023 17:53:03 GMT
powered_by_logo.svg
cdn-ukwest.onetrust.com/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Oct 2023 17:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
43277
x-ms-lease-status
unlocked
last-modified
Wed, 18 Oct 2023 11:34:24 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d59083a8-101e-001b-3450-020a09000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
818ae0de8c702bb8-FRA
expires
Fri, 20 Oct 2023 17:53:03 GMT
rqe7246bq0.js
tracker.marinsm.com/tracker/async/ 		0
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.marinsm.com/tracker/async/rqe7246bq0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFHR69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-62.prg50.r.cloudfront.net
Software
Apache/2.4.6 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 06:27:27 GMT
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
server
Apache/2.4.6 (CentOS)
x-amz-cf-pop
PRG50-C1
age
41137
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
max-age=172800
x-marintrackerversion
3
content-length
0
x-amz-cf-id
mqzW9kXpgEV9G4pHJqWxfQ1_p9E9u4hOgcQS_zbYfnfMEJkY9dnvTQ==
expires
Thu, 19 Oct 2023 06:30:20 GMT
bat.js
bat.bing.com/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFHR69
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 19 Oct 2023 17:53:03 GMT
last-modified
Thu, 12 Oct 2023 17:36:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1B30E1D20AC54509B8DAB5FF1E4CA559 Ref B: FRAEDGE1414 Ref C: 2023-10-19T17:53:03Z
etag
"808ec9ad32fdd91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12978
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFHR69
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:3::210:ee91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b4a73e79ac953f25e7800b5ca583552229ce52f3a8c9dad31ee9da427ffa614e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 17:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Oct 2023 05:46:58 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=42851
accept-ranges
bytes
content-length
3855
fbevents.js
connect.facebook.net/en_US/ 		199 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 19 Oct 2023 17:53:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53588
x-xss-protection
0
pragma
public
x-fb-debug
WkEHA2dYMqRUWhtS6Cqn1jMzp9PkOTLDYu1x6HU0ma9Zvu7QOgnhNyP88LnrMhughD42lwwtNFXoWcOLwayQAA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFHR69
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 03:51:17 GMT
Content-Encoding
gzip
Via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
50507
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
dNZvhy06aJDafaLfe9VvkH_eWhhgWWANBHXAu6XgAPOy_5WoWPPf6w==
sqzpc6lxm.js
cdn.krxd.net/controltag/ 		39 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sqzpc6lxm.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8baa47a0c17ca20dfec65b1c36512fd63c20758835868ec453428a7f34ddcb20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 19 Oct 2023 17:53:03 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
732
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-length
7010
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kiad7000164-IAD, cache-fra-eddf8230087-FRA
x-response-time
1
x-do-esi
esi
x-timer
S1697737984.921763,VS0,VE1
etag
"80bb3996c66190ea3066f55d6b13b3f3c6bde85e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 13985, 1
820586381327446
connect.facebook.net/signals/config/ 		140 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/820586381327446?v=2.9.135&r=stable&domain=ncaforkids.wufoo.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b4ab1ec6f3aa29989de6c93bfaf9ef1b4ac08446dd4ca80fd4b647527c80b289
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 19 Oct 2023 17:53:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
qNg1SXRZCx4Tf0AcVyzQDEWWv1w5uQL73qVB/iJe1Kvlu9zGHhd13Blaq6nbQKnMy7cyKCcBCpvY6jP64K7Ytw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
controltag.js.d58f47095e6041e576ee04944cca45da
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sqzpc6lxm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 19 Oct 2023 17:53:03 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
11164
age
4375734
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
84766
x-served-by
cache-fra-eddf8230087-FRA
last-modified
Tue, 04 Oct 2022 09:41:11 GMT
x-timer
S1697737984.946908,VS0,VE0
etag
"d58f47095e6041e576ee04944cca45da"
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Fri, 01 Oct 2032 09:41:10 GMT
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:3::210:ee91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cf45a6e6cbad391adcca623beb4f135d34ad20b3e3e4ead65d3e2e50fab9c78e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 17:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Oct 2023 05:46:59 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=42912
accept-ranges
bytes
content-length
14938
5549426.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5549426.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 19 Oct 2023 17:53:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 647979487A3744D9A4FD0A1B4C0E013B Ref B: FRAEDGE1414 Ref C: 2023-10-19T17:53:03Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5549426&tm=gtm002&Ver=2&mid=b97d5c61-384c-41ba-91f2-6ee2593eda5d&sid=5a0e99e06ea811ee8a74ed631afa77e7&vid=5a0ed7c06ea811eea580f37c2540e60c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Wufoo%20%C2%B7%20Login&kw=wufoo,%20html%20form,%20web%20form,%20form%20builder,%20contact%20form,%20online%20survey,%20payment%20form,%20event%20registration,%20online%20invitation,%20mailing%20list,%20online%20poll&p=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&r=&lt=2544&evt=pageLoad&sv=1&rn=109780
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Oct 2023 17:53:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4A7F6284EA654EF8A8D1AF0444FCA859 Ref B: FRAEDGE1414 Ref C: 2023-10-19T17:53:03Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 64BC 		805 B
848 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer
https://ncaforkids.wufoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
31404591
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
525
content-type
text/html
date
Thu, 19 Oct 2023 17:53:04 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
expires
Fri, 19 Feb 2027 17:50:50 GMT
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
8897
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by
cache-fra-eddf8230087-FRA
x-timer
S1697737984.000253,VS0,VE0
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2811&time=1697737984003&url=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2811&time=1697737984003&url=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2811%26time%3D1697737984003%26url%3Dhttps%253A%252F%252Fncaforkids.wufoo.com%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2811&time=1697737984003&url=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2811&time=1697737984003&url=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&cookiesTest=true&liSync=true&e_ipv6=AQK4trFh0PjKEQAAAYtJEcpQG1zzkZBySIR...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2811&time=1697737984003&url=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&cookiesTest=true&liSync=true&e_ipv6=AQK4trFh0PjKEQAAAYtJEcpQG1zzkZBySIRkCRIUJlml5mOlZsSILYV0kWbaf5NPv7RAb6O9fBnK-CO1vqRhr5yC0xzW
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 17:53:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 34476FE81E194AC8B343876CB6AB1B38 Ref B: FRAEDGE1422 Ref C: 2023-10-19T17:53:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYIFW2A1vFhAqdFJ4K5Cg==

Redirect headers

date
Thu, 19 Oct 2023 17:53:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B37F6A15801540F4A6FDC4C7BFFE949F Ref B: FRAEDGE1809 Ref C: 2023-10-19T17:53:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2811&time=1697737984003&url=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&cookiesTest=true&liSync=true&e_ipv6=AQK4trFh0PjKEQAAAYtJEcpQG1zzkZBySIRkCRIUJlml5mOlZsSILYV0kWbaf5NPv7RAb6O9fBnK-CO1vqRhr5yC0xzW
x-li-proto
http/2
content-length
0
x-li-uuid
AAYIFW1+OAKGWdHKqf+VsA==
sqzpc6lxm.js
cdn.krxd.net/controltag/ Frame 64BC 		39 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sqzpc6lxm.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8baa47a0c17ca20dfec65b1c36512fd63c20758835868ec453428a7f34ddcb20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 19 Oct 2023 17:53:04 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
732
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-length
7010
x-served-by
config-service-a005-ash-prod.krxd.net, cache-iad-kiad7000164-IAD, cache-fra-eddf8230087-FRA
x-response-time
1
x-do-esi
esi
x-timer
S1697737984.028319,VS0,VE0
etag
"80bb3996c66190ea3066f55d6b13b3f3c6bde85e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 13985, 2
db1b0b13-47c8-4a85-9c32-452991ddaba9
consumer.krxd.net/consent/get/ 		240 B
296 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/db1b0b13-47c8-4a85-9c32-452991ddaba9?idt=device&dt=kxcookie&callback=Krux.ns.surveymonkey.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
08faf48b8666f48f3a8129fb0cb7244446891e8d4b86bcf7e450c9dcc98cca45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by
consumer-a009-dub-prod.krxd.net, cache-fra-eddf8230112-FRA
date
Thu, 19 Oct 2023 17:53:04 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-timer
S1697737984.068390,VS0,VE68
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
content-length
191
x-cache-hits
0, 0
controltag.js.d58f47095e6041e576ee04944cca45da
cdn.krxd.net/ctjs/ Frame 64BC 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sqzpc6lxm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 19 Oct 2023 17:53:04 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
11165
age
4375734
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
84766
x-served-by
cache-fra-eddf8230087-FRA
last-modified
Tue, 04 Oct 2022 09:41:11 GMT
x-timer
S1697737984.037285,VS0,VE0
etag
"d58f47095e6041e576ee04944cca45da"
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Fri, 01 Oct 2032 09:41:10 GMT
db1b0b13-47c8-4a85-9c32-452991ddaba9
consumer.krxd.net/consent/get/ Frame 64BC 		225 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/db1b0b13-47c8-4a85-9c32-452991ddaba9?idt=device&dt=kxcookie&callback=Krux.ns.surveymonkey.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0fba96bef94d91d2629b08f130bee4d9bb0cd2edb25409440b71acc518741dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by
consumer-a005-dub-prod.krxd.net, cache-fra-eddf8230112-FRA
date
Thu, 19 Oct 2023 17:53:04 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-timer
S1697737984.070421,VS0,VE30
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
content-length
183
x-cache-hits
0, 0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=820586381327446&ev=PageView&dl=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&rl=&if=false&ts=1697737984306&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&cs_est=true&ler=empty&it=1697737983938&coo=false&rqm=GET
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 17:53:04 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
px.ads.linkedin.com/wa/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: cdn.signalfx.com
URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://ncaforkids.wufoo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 19 Oct 2023 17:53:04 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: BEE23580A9214582A9C67E62F18FDD30 Ref B: FRAEDGE1809 Ref C: 2023-10-19T17:53:04Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://ncaforkids.wufoo.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYIFW2DNyjvBXBFvRDCLA==
prum.min.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/prum.min.js
Requested by
Host: ncaforkids.wufoo.com
URL: https://ncaforkids.wufoo.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:5d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d5cfe14d65accc4bd1df0d7c3bb65be70d0f4e94a5f9d40465343a2807548ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 17:53:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 06:22:29 GMT
server
cloudflare
age
4558
etag
W/"63490025-1849"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
818ae0e5986836df-FRA
up
insight.adsrvr.org/track/ Frame 091E 		0
60 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=7qm6jp1&ref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&upid=moixee0&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ncaforkids.wufoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Thu, 19 Oct 2023 17:53:04 GMT
server
Kestrel
optout_check
beacon.krxd.net/ 		85 B
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.surveymonkey.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.230.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-230-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6d0239a272e8004e544c24420457206d0a9b713676eec6ccfb0c7415806f1f93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by
beacon-n023-dub-prod.krxd.net
date
Thu, 19 Oct 2023 17:53:04 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=35 t=1697737984
content-type
text/javascript
activityi;dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkid...
3782466.fls.doubleclick.net/ Frame 9A92
Redirect Chain
  • https://3782466.fls.doubleclick.net/activityi;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncafork...
  • https://3782466.fls.doubleclick.net/activityi;dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;e...
524 B
465 B 		Document
General
Check archive.org
Download Go to
Full URL
https://3782466.fls.doubleclick.net/activityi;dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHFHR69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
2ddf1d9fa176885913b00dd2e4dd90c132b9b44b2e7238b5c923fb8177cf389d
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ncaforkids.wufoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
289
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 17:53:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 17:53:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://3782466.fls.doubleclick.net/activityi;dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=5251d805abe53dd14b000000&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=735&cE=735&dLE=735&dLS=735&fS=735&hS=-1&rE=-1&rS=-1&reS=735&resS=1576&resE=1577&uEE=-1&uES=-1&dL=1579&dI=2536&dCLES=2544&dCLEE=2544&dC=3801&lES=3801&lEE=3805&s=nt&title=Wufoo%20%C2%B7%20Login&path=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&ref=&sId=1hbvtgow&sST=1697737984&sIS=1&rV=0&v=1.4.1
Requested by
Host: cdn.signalfx.com
URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.57.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-57-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncaforkids.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 19 Oct 2023 17:53:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.co...
adservice.google.com/ddm/fls/i/ Frame 0C18 		523 B
664 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F
Requested by
Host: 3782466.fls.doubleclick.net
URL: https://3782466.fls.doubleclick.net/activityi;dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72a8899f24c40d83b3f84246408bdb1eda21773f3017893865ef161424829355
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3782466.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
290
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 17:53:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.co...
3782466.fls.doubleclick.net/ddm/fls/r/ Frame B43F
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~...
  • https://3782466.fls.doubleclick.net/ddm/fls/r/dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;e...
325 B
186 B 		Document
General
Check archive.org
Download Go to
Full URL
https://3782466.fls.doubleclick.net/ddm/fls/r/dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
2fc04e064b8bfaedfa14b2f8d481a6e2ebc2c84dd3ac8d8cc3c8dfa13bdf1335
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
161
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 17:53:05 GMT
expires
Thu, 19 Oct 2023 17:53:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 17:53:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://3782466.fls.doubleclick.net/ddm/fls/r/dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
insight.adsrvr.org/track/evnt/ Frame B43F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=7qm6jp1&ct=0:hqqi1va&fmt=3
Requested by
Host: 3782466.fls.doubleclick.net
URL: https://3782466.fls.doubleclick.net/ddm/fls/r/dc_pre=CKvXjezWgoIDFccIogMdCaMKeA;src=3782466;type=stand589;cat=wflog203;ord=5658431899957;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3782466.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 17:53:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
rum
rum-ingest.us1.signalfx.com/v1/ 		4 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-ingest.us1.signalfx.com/v1/rum?auth=zQDdp67Bj5femMun0rlk_w
Requested by
Host: cdn.signalfx.com
URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.80.211.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-211-65.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

Accept
*/*
Referer
https://ncaforkids.wufoo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-id
gdi-rum-655788c777-846d9
date
Thu, 19 Oct 2023 17:53:06 GMT
server
istio-envoy
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ncaforkids.wufoo.com
x-debug-id
8316131070611175980
x-envoy-upstream-service-time
1
content-length
4

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| OneTrustStub object| notConsentedButTriedToLoad function| OptanonWrapper function| InitOneTrustConsentDependents string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData function| initGTMDataLayer function| getCookie object| SplunkRum string| OTEL_TRACES_EXPORTER undefined| $ function| jQuery function| getURLParameter function| removeEUBanner function| sendVerificationEmail function| Swipe object| LanguageSelector function| redirectOnLanguageSelection object| wf function| FastClick boolean| deviceIsAndroid boolean| deviceIsIOS boolean| deviceIsIOS4 boolean| deviceIsIOSWithBadTarget boolean| deviceIsBlackBerry10 object| _self object| Prism function| _ function| PromiseQueue object| wuf boolean| signUpSubmitting function| submitSignUp object| AWIN function| getErrorMessage function| isIE function| sendDebugEvent object| shrslImgs function| AwinCustomEvent object| Optanon object| OneTrust object| google_tag_manager object| google_tag_data object| _mTrack string| _linkedin_data_partner_id function| fbq function| _fbq object| _prum function| Krux function| ttd_dom_ready function| TTDUniversalPixelApi object| process function| UET function| UET_init function| UET_push object| ueto_44ca293a65 object| uetq function| lintrk boolean| _already_called_lintrk object| ORIBILI

15 Cookies

Domain/Path Name / Value
.wufoo.com/ Name: ep201
Value: 4a5RSlOT12HAtaVo7EZ92vmSduI=
.wufoo.com/ Name: PHPSESSID
Value: 2cn02cur51mpcpdjmv9l2qabslnfnes3
.wufoo.com/ Name: wuSignup
Value: 1
ncaforkids.wufoo.com/ Name: _splunk_rum_sid
Value: %7B%22id%22%3A%22cba5f00a614bbef44379ef68d024961c%22%2C%22startTime%22%3A1697737983471%7D
.wufoo.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Oct+19+2023+19%3A53%3A03+GMT%2B0200+(Central+European+Summer+Time)&version=202309.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=49bddae6-dd23-4ba3-8697-efafd3c8f321&interactionCount=0&landingPath=https%3A%2F%2Fncaforkids.wufoo.com%2Flogin%2F&groups=C0001%3A1%2CC0003%3A0%2CC0004%3A0
.bing.com/ Name: MUID
Value: 050455787F756D0F221346D77E1E6CBC
.krxd.net/ Name: _kuid_
Value: P3V6d_jg
.linkedin.com/ Name: li_sugr
Value: e1c82989-2555-46aa-a952-e722f7503b07
.linkedin.com/ Name: bcookie
Value: "v=2&aa33fef7-207f-4849-8a69-d63a75dec956"
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2732:u=1:x=1:i=1697737984:t=1697824384:v=2:sig=AQHlakgvT3tucd25kyv70uf0IFNal-im"
.linkedin.com/ Name: UserMatchHistory
Value: AQLW2Yz8VdnmVQAAAYtJEcj3l9vTjYik5XsE-6p5Aiww0G-QbAgtsBshK9x7f0yLpFsDZvHVVu5OXg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQI40nfasOnD_wAAAYtJEcj3pAd4VHJG83KwN1m4XHEsrM0E2Vo5r0rx0Ja5RniaFtrzcE8uVHJzVrfs3vhgXQ
.www.linkedin.com/ Name: bscookie
Value: "v=1&2023101917530447029010-a16b-40c9-81f5-449bf1c0c90aAQEM37RtJzsq129f_NkXaAYp3ey2JgX1"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTc3Mzc5ODQ7MjswMjEh2gF+qTJW7liclswqYA57vK6XF8sI9iIOQC5oOP5q2A==
.doubleclick.net/ Name: IDE
Value: AHWqTUksqcI5EK6FJ7fLDJSa2m8fio7wvA5QF7ZfDt_Y1Zx-PN7UnUolsEgQtQCAlZ8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3782466.fls.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
bat.bing.com
beacon.krxd.net
cdn-ukwest.onetrust.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.signalfx.com
cdn.ywxi.net
connect.facebook.net
consumer.krxd.net
geolocation.onetrust.com
insight.adsrvr.org
js.adsrvr.org
ncaforkids.wufoo.com
px.ads.linkedin.com
px4.ads.linkedin.com
rum-collector-2.pingdom.net
rum-ingest.us1.signalfx.com
rum-static.pingdom.net
snap.licdn.com
static.wufoo.com
tracker.marinsm.com
www.dwin1.com
www.facebook.com
www.googletagmanager.com
www.linkedin.com
108.138.15.119
13.107.42.14
142.250.74.198
151.101.2.133
18.239.94.22
18.239.94.81
2600:9000:2127:4c00:14:6bfc:5740:93a1
2600:9000:2127:7800:f:8ce2:fb80:93a1
2606:4700:10::ac43:5d8
2606:4700:4400::6812:2089
2606:4700::6810:5614
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::200a
2a00:1450:4001:812::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2002
2a02:26f0:480:3::210:ee91
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.248.57.202
35.71.131.137
35.80.211.65
52.209.230.23
65.9.95.42
65.9.95.62
08faf48b8666f48f3a8129fb0cb7244446891e8d4b86bcf7e450c9dcc98cca45
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
17b2a47720dd8abed7db78358e56d8b6fd5063cc18d9badafb8fd1cd49c14311
1ce20c94aee3323d1bdb5c001f4b6381d9145aae176800d7a2d9ad8918a27deb
1d5cfe14d65accc4bd1df0d7c3bb65be70d0f4e94a5f9d40465343a2807548ae
27048a8d907280584aae07643a4ab4e7b107273039707faa01ad6ecbcd11b09f
2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae
2ddf1d9fa176885913b00dd2e4dd90c132b9b44b2e7238b5c923fb8177cf389d
2fc04e064b8bfaedfa14b2f8d481a6e2ebc2c84dd3ac8d8cc3c8dfa13bdf1335
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
45975fb6551e9701196b8964576ce62ee10901a761cd224c799dff4b44af18dd
502823baad943ddb6f57a3528fe91d5c61bd91f6ee77b859af8a8201defb71c4
54ad895c943daa7289078398b3690f937264c28cb0be673b79c367712c07395b
5a20ecd495775b81544092cbae4f1d376c1cd3a201475c877ddd0683faa17c90
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d0239a272e8004e544c24420457206d0a9b713676eec6ccfb0c7415806f1f93
71d04ba9d5bbd226ef48e7d1e8a5c4ea374b74556178a4fe772aee3fbaefa602
72a8899f24c40d83b3f84246408bdb1eda21773f3017893865ef161424829355
74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8baa47a0c17ca20dfec65b1c36512fd63c20758835868ec453428a7f34ddcb20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
9d1ac6865e4ba78d64acb5316f123a17a0840cbd8439415a8a66440697524e99
a177a146143cddbfff33bd05a0d016fa0baf8b4f990dbe71a8695fb1e2e82b46
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
a8cc975429fdfabd491d3ce1513e86866880dcd5d2208eb88565c78382c5e593
b04d72546f3d807901ac18982112fcf6c50c115095f76755040cd6be758599a7
b0fba96bef94d91d2629b08f130bee4d9bb0cd2edb25409440b71acc518741dc
b4a73e79ac953f25e7800b5ca583552229ce52f3a8c9dad31ee9da427ffa614e
b4ab1ec6f3aa29989de6c93bfaf9ef1b4ac08446dd4ca80fd4b647527c80b289
b71b51326b27eef47d4eaef3b6d186e74d994af7f6e1959b707d2c2375955682
be10996fa36b248225e9fe38d204b3663f97c5edb7008e8cfbb9dce92534dbe3
c7e022d03458278aabb7ce6892ddeef5736041de037d0d64adedc2eb1d82850b
cf45a6e6cbad391adcca623beb4f135d34ad20b3e3e4ead65d3e2e50fab9c78e
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d9f658664452831298032854735d874069c7ccf3cc7f0aafe9d6dca0b9cd7de7
dd3bd6248a094b72c4e75295cedd2070e235056cd3138a3854a5961d45645b6c
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec4776c76762e39b3eb9d72f0830f6b13de7b15394c7c1266c5b498b9424e999
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b