Submitted URL: https://t.e2ma.net/click/9oz5qp/hryw3w7k/t8ntr3d
Effective URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Submission: On September 22 via api from US — Scanned from DE

Summary

This website contacted 25 IPs in 4 countries across 19 domains to perform 67 HTTP transactions. The main IP is 2606:4700::6811:ee19, located in United States and belongs to CLOUDFLARENET, US. The main domain is natural-chough.cloudvent.net.
TLS certificate: Issued by E1 on August 7th 2023. Valid for: 3 months.
This is the only time natural-chough.cloudvent.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.219.138.169 14618 (AMAZON-AES)
14 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2.17.190.170 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 18.66.192.117 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 18.173.154.13 16509 (AMAZON-02)
5 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
67 25
Apex Domain
Subdomains
Transfer
14 cloudvent.net
natural-chough.cloudvent.net
17 MB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
197 KB
9 youtube.com
img.youtube.com — Cisco Umbrella Rank: 3559
www.youtube.com — Cisco Umbrella Rank: 80
1 MB
6 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3436
ka-f.fontawesome.com — Cisco Umbrella Rank: 7091
181 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
jnn-pa.googleapis.com — Cisco Umbrella Rank: 305
33 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
static.doubleclick.net — Cisco Umbrella Rank: 400
3 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 11
15 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
239 B
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
93 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1261
script.hotjar.com — Cisco Umbrella Rank: 1629
60 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
88 KB
2 hellobar.com
my.hellobar.com — Cisco Umbrella Rank: 32767
76 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 194
3 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 3974
455 B
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 4286
361 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
73 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1683
20 KB
1 e2ma.net
t.e2ma.net — Cisco Umbrella Rank: 67422
489 B
67 19
Domain Requested by
14 natural-chough.cloudvent.net natural-chough.cloudvent.net
10 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
8 www.youtube.com natural-chough.cloudvent.net
www.youtube.com
5 ka-f.fontawesome.com kit.fontawesome.com
natural-chough.cloudvent.net
4 jnn-pa.googleapis.com www.youtube.com
3 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 www.google.com natural-chough.cloudvent.net
www.youtube.com
2 www.facebook.com natural-chough.cloudvent.net
2 i.ytimg.com natural-chough.cloudvent.net
www.youtube.com
2 connect.facebook.net natural-chough.cloudvent.net
connect.facebook.net
2 my.hellobar.com natural-chough.cloudvent.net
my.hellobar.com
1 yt3.ggpht.com www.youtube.com
1 www.google.de natural-chough.cloudvent.net
1 static.doubleclick.net www.youtube.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com natural-chough.cloudvent.net
1 s7.addthis.com natural-chough.cloudvent.net
1 kit.fontawesome.com natural-chough.cloudvent.net
1 cdnjs.cloudflare.com natural-chough.cloudvent.net
1 img.youtube.com natural-chough.cloudvent.net
1 fonts.googleapis.com natural-chough.cloudvent.net
1 www.googletagmanager.com natural-chough.cloudvent.net
1 maxcdn.bootstrapcdn.com natural-chough.cloudvent.net
1 t.e2ma.net 1 redirects
67 25
Subject Issuer Validity Valid
cloudvent.net
E1
2023-08-07 -
2023-11-05
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-12-30 -
2023-12-30
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-22 -
2023-12-23
a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-07
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-07-07 -
2023-09-30
3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
ka-f.fontawesome.com
GTS CA 1P5
2023-09-10 -
2023-12-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
www.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
www.google.de
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh

This page contains 2 frames:

Primary Page: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Frame ID: 3D042DBC748E19D70028EEDAE9371B82
Requests: 46 HTTP requests in this frame

Frame: https://www.youtube.com/embed/vRMogko0pow?rel=0
Frame ID: E3FC6E6183204377695E166F019E6233
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Racing for a Cause: Our Experience at the David's Refuge Foundation Event

Page URL History Show full URLs

  1. https://t.e2ma.net/click/9oz5qp/hryw3w7k/t8ntr3d HTTP 302
    https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/


Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

99 %
HTTPS

84 %
IPv6

19
Domains

25
Subdomains

25
IPs

4
Countries

19158 kB
Transfer

22912 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.e2ma.net/click/9oz5qp/hryw3w7k/t8ntr3d HTTP 302
    https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

67 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request highlights-from-our-time-at-the-david-s-refuge-charity-event.html
natural-chough.cloudvent.net/
Redirect Chain
  • https://t.e2ma.net/click/9oz5qp/hryw3w7k/t8ntr3d
  • https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
25 KB
8 KB
Document
General
Full URL
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611e6b27fb6e4e7af5e3d978b5a063706d9ba144126aacea2fac24187e273369

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-build-id
14620944
cc-cache-group
default
cc-cache-status
HIT
cc-perf
fetch-headers=52;t=58
cc-resolver
v3
cc-stable-domain
natural-chough.cloudvent.net
cf-cache-status
MISS
cf-ray
80ac658abd24085b-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 22 Sep 2023 17:51:33 GMT
etag
W/bfb31947b62641f0dd5d87e19fc4b9c5
last-modified
Thu, 21 Sep 2023 20:29:07 GMT
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex, nofollow

Redirect headers

content-type
text/plain
date
Fri, 22 Sep 2023 17:51:33 GMT
location
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
server
Apache
x-robots-tag
noindex, nofollow
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://natural-chough.cloudvent.net/
Origin
https://natural-chough.cloudvent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1078
age
8289
cdn-cachedat
07/06/2023 22:31:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a1ae4c07de8e2b8fe6c6b8967834612b
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
80ac658c29eebbf2-FRA
cdn-requestpullsuccess
True
main.css
natural-chough.cloudvent.net/css/
55 KB
12 KB
Stylesheet
General
Full URL
https://natural-chough.cloudvent.net/css/main.css?_cchid=d2511d5ab16580ce610a9ba0cdd32672&_cchid=93d0dc118e6007b440190ca01a03a148
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30bf85002564244a495aa374dd3b3e49744f3b85f948a41a0b6b98807df9a9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
content-encoding
br
cf-cache-status
MISS
cc-build-id
14620944
cc-perf
fetch-headers=40;t=44
cc-resolver
v3
cc-cache-group
default
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Sep 2023 09:35:27 GMT
server
cloudflare
etag
W/93d0dc118e6007b440190ca01a03a148
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=0, must-revalidate, public
cc-cache-status
HIT
x-robots-tag
noindex, nofollow
cf-ray
80ac658bfec5085b-FRA
js
www.googletagmanager.com/gtag/
199 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-679563641
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5cbdd5869cc731398439e9ade789ce8775028d5ba389eb2d2b6525be3783933
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73855
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Sep 2023 17:51:34 GMT
css2
fonts.googleapis.com/
25 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Gelasio:wght@400;700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a4596cf23feec69a9707a8d20a7a1df7090c2ab283b4452b5b9f90bce6b481b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Sep 2023 17:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 17:51:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Sep 2023 17:51:33 GMT
main.css
natural-chough.cloudvent.net/css/
55 KB
12 KB
Stylesheet
General
Full URL
https://natural-chough.cloudvent.net/css/main.css?_cchid=93d0dc118e6007b440190ca01a03a148
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30bf85002564244a495aa374dd3b3e49744f3b85f948a41a0b6b98807df9a9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
content-encoding
br
cf-cache-status
MISS
cc-build-id
14620944
cc-perf
fetch-headers=46;t=50
cc-resolver
v3
cc-cache-group
forever
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Sep 2023 09:35:27 GMT
server
cloudflare
etag
W/93d0dc118e6007b440190ca01a03a148
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=2419200, must-revalidate, public
cc-cache-status
HIT
x-robots-tag
noindex, nofollow
cf-ray
80ac658bfec8085b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
hodgkinshomes-logo-place-white-color-web-2.png
natural-chough.cloudvent.net/uploads/
23 KB
24 KB
Image
General
Full URL
https://natural-chough.cloudvent.net/uploads/hodgkinshomes-logo-place-white-color-web-2.png?_cchid=fab885aa273b560801682d040e96c51b
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe1d55fd7fd1a52ef969c0fb5a6bff62034f4a1dce413797bd6b9cd86a9c2735

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
cf-cache-status
HIT
cc-build-id
14593019
age
78
cf-polished
origSize=45148, status=webp_bigger
cc-perf
fetch-headers=68;t=74
cc-resolver
v3
cc-cache-group
forever
content-length
24041
alt-svc
h3=":443"; ma=86400
cf-bgj
imgq:100,h2pri
last-modified
Sun, 09 Apr 2023 23:43:47 GMT
server
cloudflare
etag
fab885aa273b560801682d040e96c51b
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=2419200, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
80ac658d5e42694f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2022chip-hodgkin.png
natural-chough.cloudvent.net/uploads/
15 MB
15 MB
Image
General
Full URL
https://natural-chough.cloudvent.net/uploads/2022chip-hodgkin.png?_cchid=c872ac8d74e4645612a59f90d1a49df4
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf13e6368e1fa3b6f717d24367c61a68cef4a1888f6455ef92503f2d332cdf07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
cf-cache-status
HIT
cc-build-id
14620944
age
78
cf-polished
origFmt=png, origSize=16457321
cc-perf
fetch-headers=114;t=119
content-disposition
inline; filename="2022chip-hodgkin.webp"
cc-resolver
v3
cc-cache-group
forever
content-length
15726927
alt-svc
h3=":443"; ma=86400
cf-bgj
imgq:100,h2pri
last-modified
Tue, 15 Aug 2023 14:39:56 GMT
server
cloudflare
etag
c872ac8d74e4645612a59f90d1a49df4
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=2419200, must-revalidate, public
cc-cache-status
MISS
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
80ac658d5e45694f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
capture2.png
natural-chough.cloudvent.net/uploads/
836 B
1 KB
Image
General
Full URL
https://natural-chough.cloudvent.net/uploads/capture2.png?_cchid=e7363030a460da3d58156ec687c59c87
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1ca6cbe074a7b249ccc393451b733b20bb191059f1f30fc3ba7b97f2715a85b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
cf-cache-status
HIT
cc-build-id
14619455
age
78
cf-polished
origFmt=png, origSize=1535
cc-perf
fetch-headers=46;t=51
content-disposition
inline; filename="capture2.webp"
cc-resolver
v3
cc-cache-group
forever
content-length
836
alt-svc
h3=":443"; ma=86400
cf-bgj
imgq:100,h2pri
last-modified
Thu, 21 Sep 2023 16:28:19 GMT
server
cloudflare
etag
e7363030a460da3d58156ec687c59c87
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=2419200, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
80ac658d5e46694f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
maxresdefault.jpg
img.youtube.com/vi/vGCHHdBaQuk/
128 KB
128 KB
Image
General
Full URL
https://img.youtube.com/vi/vGCHHdBaQuk/maxresdefault.jpg
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
841ba35b8e3fc88fe1e5a6317b8af80664f8759a4130a82276ecebe8b37cb901
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:50:15 GMT
x-content-type-options
nosniff
age
79
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130566
x-xss-protection
0
server
sffe
etag
"1655224139"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Sep 2023 19:50:15 GMT
checkmark.png
natural-chough.cloudvent.net/img/
1 KB
1 KB
Image
General
Full URL
https://natural-chough.cloudvent.net/img/checkmark.png?_cchid=27b40515cc391475f142f2d5bfc1a7b3
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9762b4ff0f88634dedcad02456901ccdf840df92baa0323804d385a47bc8d064

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
cf-cache-status
HIT
cc-build-id
14620944
age
78
cf-polished
origFmt=png, origSize=3055
cc-perf
fetch-headers=64;t=69
content-disposition
inline; filename="checkmark.webp"
cc-resolver
v3
cc-cache-group
forever
content-length
1046
alt-svc
h3=":443"; ma=86400
cf-bgj
imgq:100,h2pri
last-modified
Wed, 05 Apr 2023 17:37:09 GMT
server
cloudflare
etag
27b40515cc391475f142f2d5bfc1a7b3
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=2419200, must-revalidate, public
cc-cache-status
MISS
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
80ac658d5e4e694f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
natural-chough.cloudvent.net/js/
82 KB
30 KB
Script
General
Full URL
https://natural-chough.cloudvent.net/js/jquery.min.js?_cchid=4a356126b9573eb7bd1e9a7494737410
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
content-encoding
br
cf-cache-status
HIT
cc-build-id
14620944
age
78
cc-perf
fetch-headers=86;t=91
cc-resolver
v3
cc-cache-group
forever
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 05 Apr 2023 17:37:09 GMT
server
cloudflare
etag
W/4a356126b9573eb7bd1e9a7494737410
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=2419200, must-revalidate, public
cc-cache-status
HIT
x-robots-tag
noindex, nofollow
cf-ray
80ac658d2e1c694f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.6.0/
10 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.6.0/clipboard.min.js
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74511bfa45ec3a55c3154e1af7e1307c713ccf58542611064d46f7ce48726d83
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5010473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2971
last-modified
Thu, 22 Jun 2023 10:57:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942929-b9b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laM1VVmDciORGELsC4XTWtboBIZWZF2XHoYETAWGk2HEorJEIj93C1Oro1hEueqyVD8FA%2BGE%2BeljFZio3QzGf%2FUAt2sFWxO9LbNZZqv6rDTrQDO%2B%2FM%2BY%2FENfrwZk3qx%2FsqlvsrdPpRpCly8Lnjq6YWG2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80ac658d68b11c79-FRA
expires
Wed, 11 Sep 2024 17:51:34 GMT
f26bb5781d.js
kit.fontawesome.com/
11 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/f26bb5781d.js
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0231f83cfbe00fdd17f97011165ad76ea260d71e9e4150580fc2b66ef18c4c1

Request headers

Referer
https://natural-chough.cloudvent.net/
Origin
https://natural-chough.cloudvent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
80ac658d6a4c9c0d-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F4dJ8030K7ZSw58V-zRj
script.js
natural-chough.cloudvent.net/js/
4 KB
2 KB
Script
General
Full URL
https://natural-chough.cloudvent.net/js/script.js?_cchid=350ba166cf47d14f6b7197253d5fae0c
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d754769862e7342f32678df9379ec608124e3061553c71e04d8ca9d47aaf3f1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
content-encoding
br
cf-cache-status
HIT
cc-build-id
14620944
age
78
cc-perf
fetch-headers=75;t=79
cc-resolver
v3
cc-cache-group
forever
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 05 Apr 2023 17:37:13 GMT
server
cloudflare
etag
W/350ba166cf47d14f6b7197253d5fae0c
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=2419200, must-revalidate, public
cc-cache-status
HIT
x-robots-tag
noindex, nofollow
cf-ray
80ac658d5e3a694f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
owl.carousel.min.js
natural-chough.cloudvent.net/js/
23 KB
7 KB
Script
General
Full URL
https://natural-chough.cloudvent.net/js/owl.carousel.min.js?_cchid=88d0fe722f04973e2888b58a63aa0570
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
content-encoding
br
cf-cache-status
HIT
cc-build-id
14620944
age
78
cc-perf
site-load=13;fetch-headers=45;t=60
cc-resolver
v3
cc-cache-group
forever
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 05 Apr 2023 17:37:09 GMT
server
cloudflare
etag
W/88d0fe722f04973e2888b58a63aa0570
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=2419200, must-revalidate, public
cc-cache-status
HIT
x-robots-tag
noindex, nofollow
cf-ray
80ac658d5e3c694f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.jplayer.min.js
natural-chough.cloudvent.net/js/
60 KB
15 KB
Script
General
Full URL
https://natural-chough.cloudvent.net/js/jquery.jplayer.min.js?_cchid=4a332e8b9248f2d7dd45f855570944e8
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
600230e783fa38f88891426af12ddac8e12e9c4cff3222b60310d8d2814b341b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
content-encoding
br
cf-cache-status
HIT
cc-build-id
14620944
age
78
cc-perf
fetch-headers=50;t=55
cc-resolver
v3
cc-cache-group
forever
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 05 Apr 2023 17:37:09 GMT
server
cloudflare
etag
W/4a332e8b9248f2d7dd45f855570944e8
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=2419200, must-revalidate, public
cc-cache-status
HIT
x-robots-tag
noindex, nofollow
cf-ray
80ac658d5e40694f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
media-player.js
natural-chough.cloudvent.net/js/
1 KB
1 KB
Script
General
Full URL
https://natural-chough.cloudvent.net/js/media-player.js?_cchid=168cd3d0699f14fd4bacd780c2bb067d
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae45024f0a150036f3bd74bec78521d9a97e8ff85dd024b33b6c3bb3145f6597

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
content-encoding
br
cf-cache-status
HIT
cc-build-id
14620944
age
78
cc-perf
fetch-headers=55;t=60
cc-resolver
v3
cc-cache-group
forever
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 05 Apr 2023 17:37:13 GMT
server
cloudflare
etag
W/168cd3d0699f14fd4bacd780c2bb067d
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=2419200, must-revalidate, public
cc-cache-status
MISS
x-robots-tag
noindex, nofollow
cf-ray
80ac658d5e41694f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
addthis_widget.js
s7.addthis.com/js/300/
56 B
361 B
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.190.170 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-170.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 17:51:34 GMT
server
Oracle API Gateway
opc-request-id
/1A4D43CEE5E4C6D0E251FD1BC6D39940/161AE85E91FACDB430D659F9E879592D
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
3637f5c1b3822971be9cc062632ab7c7c1b1e46b.js
my.hellobar.com/
5 KB
2 KB
Script
General
Full URL
https://my.hellobar.com/3637f5c1b3822971be9cc062632ab7c7c1b1e46b.js
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11bc5790c268852ef61ed72841b2a428782d03a4fa14ae5763277b72272da456

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Fri, 22 Sep 2023 12:50:03 GMT
server
cloudflare
x-amz-request-id
5DA2298ZW8YYS29S
etag
W/"4133430b34e624e8f41864a590d0d97a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray
80ac658da83d692b-FRA
x-amz-id-2
FeCinvpE/eO2Ge3RNEFAAKf7AD/sZ3UBTs50UXfY/QqhNYE0qTkXZCU3K8Oc4HxO/uCPhCUYBPcVRP94A8XAdg==
fbevents.js
connect.facebook.net/en_US/
197 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 22 Sep 2023 17:51:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53243
x-xss-protection
0
pragma
public
x-fb-debug
0yWKrb+e9i2+UUbmWE0aLDW6tsrIBr01f/YSWZ2atODZRXeupeTXHDoagi4cOlEWM4UtdgUzJhXBsxFlqzx+og==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-3413358.js
static.hotjar.com/c/
10 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3413358.js?sv=6
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-117.muc50.r.cloudfront.net
Software
/
Resource Hash
300255c715b9b7baa6adaee0697687046b105164253083ee1ae349340e06f083
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 17:51:34 GMT
via
1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/dfcc6f0af57d6f65f1d02974f10a3c88
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
mz9RMFIejOpHDPuyPM0V5mREcsEbZYJIujV86_7x5omkubYHsyz7KA==
untitled-design-23.png
natural-chough.cloudvent.net/uploads/
2 MB
2 MB
Image
General
Full URL
https://natural-chough.cloudvent.net/uploads/untitled-design-23.png?_cchid=827a30c8a9e1991d20a310910fdc7143
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/css/main.css?_cchid=93d0dc118e6007b440190ca01a03a148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcee44fb5bf22ae67167c33528d342422074b0fbbc2f382bfe654ea4b96a2b9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/css/main.css?_cchid=93d0dc118e6007b440190ca01a03a148
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:33 GMT
cf-cache-status
HIT
cc-build-id
14620944
age
78
cf-polished
origFmt=png, origSize=2963784
cc-perf
fetch-headers=125;t=129
content-disposition
inline; filename="untitled-design-23.webp"
cc-resolver
v3
cc-cache-group
forever
content-length
1729990
alt-svc
h3=":443"; ma=86400
cf-bgj
imgq:100,h2pri
last-modified
Tue, 15 Aug 2023 14:38:48 GMT
server
cloudflare
etag
827a30c8a9e1991d20a310910fdc7143
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=2419200, must-revalidate, public
cc-cache-status
MISS
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
80ac658d6e54694f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gelasio:wght@400;700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://natural-chough.cloudvent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 13:37:19 GMT
x-content-type-options
nosniff
age
533655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 13:37:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gelasio:wght@400;700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://natural-chough.cloudvent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 15:22:55 GMT
x-content-type-options
nosniff
age
8919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2024 15:22:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gelasio:wght@400;700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://natural-chough.cloudvent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 02:35:09 GMT
x-content-type-options
nosniff
age
573385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 02:35:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gelasio:wght@400;700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://natural-chough.cloudvent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
49482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2024 04:06:52 GMT
cIf4MaFfvUQxTTqS_JWEdGYmnQ.woff2
fonts.gstatic.com/s/gelasio/v10/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/gelasio/v10/cIf4MaFfvUQxTTqS_JWEdGYmnQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gelasio:wght@400;700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adc07999a53fc29fac6aea101ccc3d83e3a70d0fb8777541b0183e152d6b548b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://natural-chough.cloudvent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 04:02:13 GMT
x-content-type-options
nosniff
age
49761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26656
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 02:26:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2024 04:02:13 GMT
cIf9MaFfvUQxTTqS9C6hYQ.woff2
fonts.gstatic.com/s/gelasio/v10/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/gelasio/v10/cIf9MaFfvUQxTTqS9C6hYQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gelasio:wght@400;700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37f43a2446a888561c181a97d0a7d95952ca67e4852ce7c1299ab103430f1dc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://natural-chough.cloudvent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 05:19:01 GMT
x-content-type-options
nosniff
age
563553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26580
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 02:15:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 05:19:01 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gelasio:wght@400;700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://natural-chough.cloudvent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:21:37 GMT
x-content-type-options
nosniff
age
548997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17032
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 09:21:37 GMT
KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gelasio:wght@400;700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://natural-chough.cloudvent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 13:19:20 GMT
x-content-type-options
nosniff
age
534734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17336
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 13:19:20 GMT
vRMogko0pow
www.youtube.com/embed/ Frame E3FC
89 KB
38 KB
Document
General
Full URL
https://www.youtube.com/embed/vRMogko0pow?rel=0
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7631c94f66c4f650c162d68383a1efb74ec21b3b4e048fb6dce5befd42b0d060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natural-chough.cloudvent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 17:51:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/f130aa11/ Frame E3FC
378 KB
48 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/f130aa11/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vRMogko0pow?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f263c8a0cf32ae43d5a71874448ee748057dae78d16b189355f20856d1571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vRMogko0pow?rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:37:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
15247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48765
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 01:59:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 21 Sep 2024 13:37:27 GMT
embed.js
www.youtube.com/s/player/f130aa11/player_ias.vflset/de_DE/ Frame E3FC
55 KB
17 KB
Script
General
Full URL
https://www.youtube.com/s/player/f130aa11/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vRMogko0pow?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7891eaa380c192fb4cfaac26b1a93e908100c6242d9cc85be17319e34597bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vRMogko0pow?rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
209690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17380
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 01:59:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 19 Sep 2024 07:36:44 GMT
www-embed-player.js
www.youtube.com/s/player/f130aa11/www-embed-player.vflset/ Frame E3FC
314 KB
94 KB
Script
General
Full URL
https://www.youtube.com/s/player/f130aa11/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vRMogko0pow?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
814a083900a57d4247f0698dc4c4ebc204e44e3e24d481506fda5e82e0d05bab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vRMogko0pow?rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 14:09:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
13338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96189
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 01:59:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 21 Sep 2024 14:09:16 GMT
base.js
www.youtube.com/s/player/f130aa11/player_ias.vflset/de_DE/ Frame E3FC
2 MB
784 KB
Script
General
Full URL
https://www.youtube.com/s/player/f130aa11/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vRMogko0pow?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5721f53c689982d42752413c694af6d5099bd212826edff13410dbefae7aac8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vRMogko0pow?rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:36:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
802381
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 01:59:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 19 Sep 2024 07:36:44 GMT
modules.87c64ece4c32532efcb6.js
script.hotjar.com/
225 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.87c64ece4c32532efcb6.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3413358.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-13.muc50.r.cloudfront.net
Software
/
Resource Hash
535b2abfe5021a4ebd5577db4ff0bcc358dd30d4943df49d02a26feb8c1a4ea4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ca623c10f2a669c8a9af30362937ebac.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
101667
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56133
last-modified
Thu, 21 Sep 2023 13:36:45 GMT
etag
"df814a1255030223e6ab003f27b95f6f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
TFVNUp2FwRvuAMJs2Rc-ipeIbK_JQ5BTbwC6Ao1-XTdQxagmldWjLg==
909073350302686
connect.facebook.net/signals/config/
136 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/909073350302686?v=2.9.128&r=stable&domain=natural-chough.cloudvent.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ac71a04fd3b24d1405b0cbdef8e8d0347ed3c8fa0faf13dea94ed3900ccd652c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 22 Sep 2023 17:51:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36024
x-xss-protection
0
pragma
public
x-fb-debug
r7Z2cIGCNWLhH1CWpqZ5t7TCe3KRH5uT5tZ2twze4kV4SCT8ZE4gGrberWeck+PN3LgxFfMyfkllg9kKJedQ2A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
free.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/
100 KB
23 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=f26bb5781d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f26bb5781d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"ae737a19e46fd502ba9cbe9e33213861"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYJf1XXR8oJ1znX6YQycrHrYkp13if54XoiX2CvkMjQNevmr0N34CgCNY3knqJXJUzLRtshbp2E1t2DPDdFqnCG13wT%2FrC24sR2XJKsTfsiovmbY9LVbY4po8fIiQoPcW5albQHU1KD%2B%2FOIv8JbTL%2B1y6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
80ac65905f849223-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
aPjUFC8CnjOBtgMNHTmnPfkO90_IBLJRfUaPQ67x0u1Pg-hrIdvUQw==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/
27 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=f26bb5781d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f26bb5781d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
via
1.1 e5b75c92aeb08b72d17d5fe9dd0647e0.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"da06df503ced6ee507b5fb4fa0999f74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBDkALHbNm0jncLQ5K57tP2nateMjPEeKbChVR6yoxqNmt2V2SKFebPyk2t4WzxXrtcVpR2YzaXIWtKqQ7eAxTxc8c%2F1c3bMgwlOT%2Fhui9yTgB%2FQ4cizVCne0IrXMmffnJEMWxGAlRh66Cu7D0D5l9kfFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
80ac65905f889223-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
_tCSONQO4jnaZB0_TRjcEvCnB5m4uuGLLrPcNKl2kXPVrbD0OdSPkg==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/
823 B
719 B
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=f26bb5781d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f26bb5781d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
via
1.1 4bb1350a7e907cdd02f8977c1aa46622.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"dbf296002d53e56d340b105d9d764940"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSS3wdwF6ngJIIwvB68WzKhqc88puThNgmWkCaZ%2FBw9s3IklaCpIqNqzVTNRoRW890cMGAwiIQA5OJmKVKTL6LwuftcQsvjZQCUW%2FTllLu7I6Bh0Jz3YR1o3X9QLFVBlIQK8Qxap5wM2o4WoSPAmcrvXeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
80ac65905f8b9223-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
qDKuHqQxff_uSI92zovybTBF_eY19Hbzf2R1j8zo4cUoFwjkvhzy1A==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.2/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=f26bb5781d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f26bb5781d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 19:07:56 GMT
server
cloudflare
etag
W/"9b853b50f37dd0ca770ce0f294d427df"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZwMT%2B0Sh2n3U8m7k%2BvMUtWGHqsWYf7%2Bn4FdESybqrDg77JBxf3wnvDG9eTNesHl1leTz4yF61f6%2Fg1j%2BvKckIcqeL%2Fae1ATIbHJ8rLFAeT2s5eTojU9CpHiOWfLRFVydb2GV8udBKA1Ah3q%2FWtUK%2BqnBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
80ac65905f899223-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
WLo7xmxICrCDMDh4boEmxS3bjyXJTxj-P4NTxuZkPSiZpO5uCceB8Q==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E3FC
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vRMogko0pow?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 06:47:09 GMT
x-content-type-options
nosniff
age
558265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 06:47:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E3FC
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vRMogko0pow?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 17:41:40 GMT
x-content-type-options
nosniff
age
259794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Sep 2024 17:41:40 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/679563641/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/679563641/?random=1695405094452&cv=11&fst=1695405094452&bg=ffffff&guid=ON&async=1&gtm=45be39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnatural-chough.cloudvent.net%2Fhighlights-from-our-time-at-the-david-s-refuge-charity-event.html&hn=www.googleadservices.com&frm=0&tiba=Racing%20for%20a%20Cause%3A%20Our%20Experience%20at%20the%20David%27s%20Refuge%20Foundation%20Event&auid=1225345939.1695405094&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-679563641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21c1af2e85f96e9cad7d02458c1fe8179c7dd948fdc4b68e8f0dc14699a7c393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 17:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1414
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules-v2.js
my.hellobar.com/
295 KB
73 KB
Script
General
Full URL
https://my.hellobar.com/modules-v2.js
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/3637f5c1b3822971be9cc062632ab7c7c1b1e46b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2eebc7a4dbe8a186c5a4a5bc35661f9955b38148da96d008cedf216c5d40aa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
F1DH3VARKRT0SEB1
age
3061
cf-polished
origSize=302344
x-amz-server-side-encryption
AES256
x-amz-id-2
rJY3xS4w37Gm7i9EI4DZ3XYyuH7jWlOmsjrPMXSnk3gRjmKvgkQ6qxfSk5O5LVWZvWKsGvHhI7w=
cf-bgj
minify
last-modified
Wed, 20 Sep 2023 16:58:18 GMT
server
cloudflare
etag
W/"670ffdddfe70331e875aa3c553f8ad57"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
80ac6590aba9692b-FRA
hqdefault.jpg
i.ytimg.com/vi/tgA0bUrrsbs/
32 KB
32 KB
Image
General
Full URL
https://i.ytimg.com/vi/tgA0bUrrsbs/hqdefault.jpg
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f62d12dd49a52d84cb188d9f95797bec90806fb273e1f91e0b9fb855e64bf717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:08 GMT
x-content-type-options
nosniff
age
26
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32800
x-xss-protection
0
server
sffe
etag
"1650983094"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Sep 2023 19:51:08 GMT
play-button.png
natural-chough.cloudvent.net/img/
2 KB
2 KB
Image
General
Full URL
https://natural-chough.cloudvent.net/img/play-button.png?_cchid=cf8cd4aac402ddd800040bb058e5523a
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/css/main.css?_cchid=93d0dc118e6007b440190ca01a03a148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:ee19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e969a72cbb95b7b32ca714034fe49a8235f70ad64bac26c93c1b80cea91f36d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/css/main.css?_cchid=93d0dc118e6007b440190ca01a03a148
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
cf-cache-status
HIT
cc-build-id
14593019
age
79
cf-polished
origFmt=png, origSize=3167
cc-perf
site-load=37;build-load=10;fetch-headers=57;t=105
content-disposition
inline; filename="play-button.webp"
cc-resolver
v3
cc-cache-group
forever
content-length
1582
alt-svc
h3=":443"; ma=86400
cf-bgj
imgq:100,h2pri
last-modified
Wed, 05 Apr 2023 17:37:09 GMT
server
cloudflare
etag
cf8cd4aac402ddd800040bb058e5523a
cc-stable-domain
natural-chough.cloudvent.net
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2419200, max-age=2419200, must-revalidate, public
cc-cache-status
HIT
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
80ac6590a9e0694f-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=909073350302686&ev=PageView&dl=https%3A%2F%2Fnatural-chough.cloudvent.net%2Fhighlights-from-our-time-at-the-david-s-refuge-charity-event.html&rl=&if=false&ts=1695405094586&sw=1600&sh=1200&v=2.9.128&r=stable&ec=0&o=30&fbp=fb.1.1695405094583.543757588&it=1695405094411&coo=false&rqm=GET
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Sep 2023 17:51:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.4.2/webfonts/
147 KB
147 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.4.2/webfonts/free-fa-solid-900.woff2
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5

Request headers

Referer
https://natural-chough.cloudvent.net/
Origin
https://natural-chough.cloudvent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
via
1.1 76a5975e559091e5f81e2804be07dd0c.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
150020
last-modified
Tue, 01 Aug 2023 19:25:32 GMT
server
cloudflare
etag
"a8dcee416ebfe6e615e5902a49500e48"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpnFeGY9Vr00e0SCMNk208lwCXyTTUVnxLAnt5We%2BwnPU5CmJBPlUBM13znFiSCL3qFedU5H8AO2caC8P9dt063Od1sZoCRmdQXSlgv5GvSXsV3u9anRE%2FsrB3H4NBbqGNhYIozbjokKOqk8tahUFZ0d3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
80ac659198919223-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
uWUedEOdi916OKIaXkcqxuqPPt_1-pYAtXdo_wVOl9aLoxfQTsqL7w==
id
googleads.g.doubleclick.net/pagead/ Frame E3FC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vRMogko0pow?rel=0
Protocol
H3
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be9ec99e968851f08f31353658ae3c9fe5b1a6f509bef902dcf3dd5a0233857e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Sep 2023 17:51:34 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame E3FC
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:40:59 GMT
x-content-type-options
nosniff
age
635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Sep 2023 17:55:59 GMT
/
www.google.com/pagead/1p-user-list/679563641/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/679563641/?random=1695405094452&cv=11&fst=1695402000000&bg=ffffff&guid=ON&async=1&gtm=45be39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnatural-chough.cloudvent.net%2Fhighlights-from-our-time-at-the-david-s-refuge-charity-event.html&frm=0&tiba=Racing%20for%20a%20Cause%3A%20Our%20Experience%20at%20the%20David%27s%20Refuge%20Foundation%20Event&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=753105830&rmt_tld=0&ipr=y
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 17:51:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/679563641/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/679563641/?random=1695405094452&cv=11&fst=1695402000000&bg=ffffff&guid=ON&async=1&gtm=45be39k0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnatural-chough.cloudvent.net%2Fhighlights-from-our-time-at-the-david-s-refuge-charity-event.html&frm=0&tiba=Racing%20for%20a%20Cause%3A%20Our%20Experience%20at%20the%20David%27s%20Refuge%20Foundation%20Event&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=753105830&rmt_tld=1&ipr=y
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 17:51:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 22 Sep 2023 17:51:34 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E3FC
68 KB
32 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b26956f5e7f7a8c5d67f19e6b8f209f40323e5619b347f88011c834a13e2f8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32201
x-xss-protection
0
remote.js
www.youtube.com/s/player/f130aa11/player_ias.vflset/de_DE/ Frame E3FC
116 KB
33 KB
Script
General
Full URL
https://www.youtube.com/s/player/f130aa11/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ff42611cba8673fc8528d4f051c9f162ffa691af3ca410315b5a147e49bd5f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vRMogko0pow?rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
209689
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33722
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 01:59:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 19 Sep 2024 07:36:45 GMT
glybE_mf_pMFkK3qzBykJ5gIoRAFQO3TESEgEWHxXEQ.js
www.google.com/js/th/ Frame E3FC
38 KB
15 KB
Script
General
Full URL
https://www.google.com/js/th/glybE_mf_pMFkK3qzBykJ5gIoRAFQO3TESEgEWHxXEQ.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
825c9b13f99ffe930590adeacc1ca4279808a1100540edd31121201161f15c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 05:29:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
217335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14846
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 05:29:19 GMT
maxresdefault.jpg
i.ytimg.com/vi/vRMogko0pow/ Frame E3FC
60 KB
60 KB
Image
General
Full URL
https://i.ytimg.com/vi/vRMogko0pow/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGFEgWihlMA8=&rs=AOn4CLAlM2V_m3aqBf0nA_EFDKRBjbhDrg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vRMogko0pow?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28dcfead9d2bb82a6fa774d32ecfaeff01566a48348a4f87ae56397676f636b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:08 GMT
x-content-type-options
nosniff
age
26
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61698
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Sep 2023 19:51:08 GMT
truncated
/ Frame E3FC
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
fJWpDh6LDuprv8qwwwnTlWNrj0IenU7o2qZg3DARXPBYaEVWRpvsYzXy0OIF8QUaCYg6vEB7=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame E3FC
2 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/fJWpDh6LDuprv8qwwwnTlWNrj0IenU7o2qZg3DARXPBYaEVWRpvsYzXy0OIF8QUaCYg6vEB7=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vRMogko0pow?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a34012b4bed31cc77d115d204bdc625c5d2d5a0c25f1078445945e74bc329e75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:08 GMT
x-content-type-options
nosniff
age
26
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2525
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 23 Sep 2023 17:51:08 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E3FC
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7fddc079936285bc635ed6c8e084e8ebf0d8236aa413fb47cc8d68cc49a45efa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 22 Sep 2023 17:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 22 Sep 2023 17:51:34 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E3FC
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 17:51:35 GMT
generate_204
www.youtube.com/ Frame E3FC
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?yJZozA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vRMogko0pow?rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vRMogko0pow?rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:51:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=909073350302686&ev=Microdata&dl=https%3A%2F%2Fnatural-chough.cloudvent.net%2Fhighlights-from-our-time-at-the-david-s-refuge-charity-event.html&rl=&if=false&ts=1695405095568&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Racing%20for%20a%20Cause%3A%20Our%20Experience%20at%20the%20David%27s%20Refuge%20Foundation%20Event%22%2C%22meta%3Adescription%22%3A%22We%20recently%20got%20the%20opportunity%20to%20drive%20in%20a%20race%20for%20charity!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Racing%20for%20a%20Cause%3A%20Our%20Experience%20at%20the%20David%27s%20Refuge%20Foundation%20Event%22%2C%22og%3Adescription%22%3A%22We%20recently%20got%20the%20opportunity%20to%20drive%20in%20a%20race%20for%20charity!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimg.youtube.com%2Fvi%2FvRMogko0pow%2Fmaxresdefault.jpg%22%2C%22og%3Aurl%22%3A%22%2Fhighlights-from-our-time-at-the-david-s-refuge-charity-event.html%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A600%7D%2C%22properties%22%3A%7B%22articleBody%22%3A%22By%20Chip%20Hodgkins%5Cn%5CnThe%20Chip%20Hodgkins%20Team%20specializes%20in%20Residential%20Real%20Estate%20Selling%20and%20Buying%2C%20mortgage%2C%20title%2C%20development%2C%20new%20construction%20and%20remodeling.%5Cn%5CnAt%20a%20recent%20event%20hosted%20by%20the%20David%E2%80%99s%20Refuge%20Foundation%2C%20we%20had%20the%20privilege%20of%20combining%20the%20thrill%20of%20racing%20with%20the%20satisfaction%20of%20supporting%20a%20worthy%20cause.%20This%20charity%20race%20was%20not%20just%20about%20speed%20and%20competition%3B%20it%20was%20about%20coming%20together%20as%20a%20community%20to%20make%20a%20positive%20impact.%20Watch%20as%20we%20take%20you%20through%20our%20unforg%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FBlogPosting%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.128&r=stable&ec=1&o=30&fbp=fb.1.1695405094583.543757588&it=1695405094411&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: natural-chough.cloudvent.net
URL: https://natural-chough.cloudvent.net/highlights-from-our-time-at-the-david-s-refuge-charity-event.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://natural-chough.cloudvent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Sep 2023 17:51:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/117/ Frame E3FC
51 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/117/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 12:15:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15373
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 15:05:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 23 Sep 2023 12:15:20 GMT
log_event
www.youtube.com/youtubei/v1/ Frame E3FC
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
X-Goog-Request-Time
1695405097054
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/vRMogko0pow?rel=0
X-YouTube-Client-Version
1.20230919.12.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtDcGhVQlN6ajNabyimqLeoBjIGCgJERRIA
X-YouTube-Ad-Signals
dt=1695405094589&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C540&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 22 Sep 2023 17:51:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 22 Sep 2023 17:51:39 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| fbq function| _fbq function| gtag object| dataLayer function| hj object| _hjSettings function| scrollFunction function| topFunction function| $ function| jQuery object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager object| google_tag_data object| FontAwesomeKitConfig object| GooglebQhCsO function| labnolIframe function| initYouTubeVideos function| toggleNav function| closeButtonNav function| bootstrap object| hellobarSiteSettings object| script function| Hellobar

12 Cookies

Domain/Path Name / Value
t.e2ma.net/ Name: AWSALB
Value: ZhIuaLdxjUB/99giDNziNam9kwoTNkADVXV4P6U3BOFDqiO0JJJ21cdWALE+Ss+xj20TmG/7MqLUHbz+i4m16CqR5MVsoSOlMb9rmIvQM9VX8RiCdHracDPF1nys
t.e2ma.net/ Name: AWSALBCORS
Value: ZhIuaLdxjUB/99giDNziNam9kwoTNkADVXV4P6U3BOFDqiO0JJJ21cdWALE+Ss+xj20TmG/7MqLUHbz+i4m16CqR5MVsoSOlMb9rmIvQM9VX8RiCdHracDPF1nys
.youtube.com/ Name: YSC
Value: fsRNzcC9qv0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: CphUBSzj3Zo
.cloudvent.net/ Name: _gcl_au
Value: 1.1.1225345939.1695405094
.cloudvent.net/ Name: _hjSessionUser_3413358
Value: eyJpZCI6Ijk5ODZhMmQwLTNlNWQtNTk2Mi05NmE4LWI2M2IxN2JlNGM5YiIsImNyZWF0ZWQiOjE2OTU0MDUwOTQ1NDgsImV4aXN0aW5nIjpmYWxzZX0=
.cloudvent.net/ Name: _hjFirstSeen
Value: 1
.cloudvent.net/ Name: _hjIncludedInSessionSample_3413358
Value: 0
.cloudvent.net/ Name: _hjSession_3413358
Value: eyJpZCI6ImUxNmM4YzE1LTE1YzQtNGFhYi05OGM3LTc5MWIyZDUwODk1OCIsImNyZWF0ZWQiOjE2OTU0MDUwOTQ1NTAsImluU2FtcGxlIjpmYWxzZX0=
.cloudvent.net/ Name: _hjAbsoluteSessionInProgress
Value: 0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cloudvent.net/ Name: _fbp
Value: fb.1.1695405094583.543757588

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
img.youtube.com
jnn-pa.googleapis.com
ka-f.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
my.hellobar.com
natural-chough.cloudvent.net
s7.addthis.com
script.hotjar.com
static.doubleclick.net
static.hotjar.com
t.e2ma.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
18.173.154.13
18.66.192.117
2.17.190.170
2606:4700:10::6816:f17
2606:4700::6811:180e
2606:4700::6811:ee19
2606:4700::6812:1734
2606:4700::6812:bcf
2606:4700:e2::ac40:8309
2a00:1450:4001:802::2006
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2016
2a00:1450:4001:811::2008
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200e
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.219.138.169
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9
11bc5790c268852ef61ed72841b2a428782d03a4fa14ae5763277b72272da456
184f263c8a0cf32ae43d5a71874448ee748057dae78d16b189355f20856d1571
21c1af2e85f96e9cad7d02458c1fe8179c7dd948fdc4b68e8f0dc14699a7c393
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554
28dcfead9d2bb82a6fa774d32ecfaeff01566a48348a4f87ae56397676f636b1
300255c715b9b7baa6adaee0697687046b105164253083ee1ae349340e06f083
30bf85002564244a495aa374dd3b3e49744f3b85f948a41a0b6b98807df9a9c8
37f43a2446a888561c181a97d0a7d95952ca67e4852ce7c1299ab103430f1dc1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
535b2abfe5021a4ebd5577db4ff0bcc358dd30d4943df49d02a26feb8c1a4ea4
5721f53c689982d42752413c694af6d5099bd212826edff13410dbefae7aac8f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223
600230e783fa38f88891426af12ddac8e12e9c4cff3222b60310d8d2814b341b
611e6b27fb6e4e7af5e3d978b5a063706d9ba144126aacea2fac24187e273369
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48
74511bfa45ec3a55c3154e1af7e1307c713ccf58542611064d46f7ce48726d83
7631c94f66c4f650c162d68383a1efb74ec21b3b4e048fb6dce5befd42b0d060
7fddc079936285bc635ed6c8e084e8ebf0d8236aa413fb47cc8d68cc49a45efa
814a083900a57d4247f0698dc4c4ebc204e44e3e24d481506fda5e82e0d05bab
825c9b13f99ffe930590adeacc1ca4279808a1100540edd31121201161f15c44
841ba35b8e3fc88fe1e5a6317b8af80664f8759a4130a82276ecebe8b37cb901
8e969a72cbb95b7b32ca714034fe49a8235f70ad64bac26c93c1b80cea91f36d
9762b4ff0f88634dedcad02456901ccdf840df92baa0323804d385a47bc8d064
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
9ff42611cba8673fc8528d4f051c9f162ffa691af3ca410315b5a147e49bd5f9
a0231f83cfbe00fdd17f97011165ad76ea260d71e9e4150580fc2b66ef18c4c1
a34012b4bed31cc77d115d204bdc625c5d2d5a0c25f1078445945e74bc329e75
a4596cf23feec69a9707a8d20a7a1df7090c2ab283b4452b5b9f90bce6b481b8
ac71a04fd3b24d1405b0cbdef8e8d0347ed3c8fa0faf13dea94ed3900ccd652c
adc07999a53fc29fac6aea101ccc3d83e3a70d0fb8777541b0183e152d6b548b
ae45024f0a150036f3bd74bec78521d9a97e8ff85dd024b33b6c3bb3145f6597
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
b26956f5e7f7a8c5d67f19e6b8f209f40323e5619b347f88011c834a13e2f8ca
be9ec99e968851f08f31353658ae3c9fe5b1a6f509bef902dcf3dd5a0233857e
c1ca6cbe074a7b249ccc393451b733b20bb191059f1f30fc3ba7b97f2715a85b
cf13e6368e1fa3b6f717d24367c61a68cef4a1888f6455ef92503f2d332cdf07
d2eebc7a4dbe8a186c5a4a5bc35661f9955b38148da96d008cedf216c5d40aa6
d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5
d5cbdd5869cc731398439e9ade789ce8775028d5ba389eb2d2b6525be3783933
d754769862e7342f32678df9379ec608124e3061553c71e04d8ca9d47aaf3f1a
d7891eaa380c192fb4cfaac26b1a93e908100c6242d9cc85be17319e34597bcb
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f62d12dd49a52d84cb188d9f95797bec90806fb273e1f91e0b9fb855e64bf717
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fcee44fb5bf22ae67167c33528d342422074b0fbbc2f382bfe654ea4b96a2b9a
fe1d55fd7fd1a52ef969c0fb5a6bff62034f4a1dce413797bd6b9cd86a9c2735