urlscan.io logo urlscan.io
SecurityTrails logo

shepastaway.org Open in urlscan Pro
192.0.78.171  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shepastaway.org/
Effective URL: https://shepastaway.org/
Submission: On February 10 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 2 countries across 16 domains to perform 64 HTTP transactions. The main IP is 192.0.78.171, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is shepastaway.org.
TLS certificate: Issued by R3 on December 13th 2021. Valid for: 3 months.
This is the only time shepastaway.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    192.0.78.171 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
shepastaway.org
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
s0.wp.com
3    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
8    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:1f18:243f:2d01:9623:b882:49cb:3964 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
analytics.sitewit.com
3    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2.17.177.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-177-117.deploy.static.akamaitechnologies.com
chimpstatic.com
6    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
2    151.101.129.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
1    54.209.11.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-11-1.compute-1.amazonaws.com
connect.sitewit.com
3    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
13 shepastaway.org
shepastaway.org
367 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
191 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2530
t.paypal.com — Cisco Umbrella Rank: 3430
108 KB
8 gstatic.com
fonts.gstatic.com
113 KB
5 wp.com
s0.wp.com — Cisco Umbrella Rank: 5774
stats.wp.com — Cisco Umbrella Rank: 2460
pixel.wp.com — Cisco Umbrella Rank: 2394
i0.wp.com — Cisco Umbrella Rank: 2614
82 KB
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1536
33 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
134 KB
3 sitewit.com
analytics.sitewit.com — Cisco Umbrella Rank: 45152
connect.sitewit.com — Cisco Umbrella Rank: 54167
21 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
386 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 236
17 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 9027
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 741
648 B
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 4367
1 KB
64 16
Domain Requested by
13 shepastaway.org 1 redirects shepastaway.org
8 fonts.gstatic.com fonts.googleapis.com
6 www.paypal.com www.paypal.com
www.paypalobjects.com
6 pagead2.googlesyndication.com shepastaway.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
3 connect.facebook.net shepastaway.org
connect.facebook.net
2 t.paypal.com shepastaway.org
2 www.facebook.com shepastaway.org
2 pixel.wp.com shepastaway.org
2 ssl.google-analytics.com shepastaway.org
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 analytics.sitewit.com shepastaway.org
2 fonts.googleapis.com shepastaway.org
1 www.google.com tpc.googlesyndication.com
1 connect.sitewit.com analytics.sitewit.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 i0.wp.com shepastaway.org
1 chimpstatic.com shepastaway.org
1 stats.wp.com shepastaway.org
1 s0.wp.com shepastaway.org
64 23
Subject Issuer Validity Valid
tls.automattic.com
R3		 2021-12-13 -
2022-03-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
analytics.sitewit.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-30 -
2022-10-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-19 -
2022-02-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert SHA2 Secure Server CA		 2021-11-19 -
2022-11-19		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-11-02 -
2022-03-15		 4 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-09-21 -
2022-10-22		 a year crt.sh
*.sitewit.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-12 -
2022-08-12		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://shepastaway.org/
Frame ID: FBDCEAC360A537C671F72DE7C2E97992
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/zrt_lookup.html
Frame ID: 8053A82B17D8B4C9606A00B4C3C0AEFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1918114966255733&output=html&adk=1812271804&adf=3025194257&lmt=1644501717&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshepastaway.org%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644501718076&bpp=23&bdt=416&idt=173&shv=r20220208&mjsv=m202202020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1936188062073&frm=20&pv=2&ga_vid=1406375181.1644501718&ga_sid=1644501718&ga_hid=746132207&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C21066434&oid=2&pvsid=3154760148017271&pem=523&tmod=2099398223&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=187
Frame ID: 139F620B5AFDED88BC299BFE2FE51A4B
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 04B770DCBCB6A5D5DDF2910DD5196AD4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 583EF3444ECC5B6DA288C9ADDC090A2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E10D080A02BD8BDAD573277C6E9A75D5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

She Past Away Official Website

Page URL History Show full URLs

  1. http://shepastaway.org/ HTTP 301
    https://shepastaway.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • chimpstatic\.com/mcjs-connected
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

64
Requests

100 %
HTTPS

55 %
IPv6

16
Domains

23
Subdomains

23
IPs

2
Countries

1077 kB
Transfer

3317 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shepastaway.org/ HTTP 301
    https://shepastaway.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shepastaway.org/
Redirect Chain
  • http://shepastaway.org/
  • https://shepastaway.org/
143 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.171 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
feb9edda1d5726341c6fa8d419fe9f1a99518d4a62f6a250f9fa38a235bd25cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 10 Feb 2022 14:01:57 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
vary
Accept-Encoding Cookie
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header
WordPress.com
link
<https://shepastaway.org/wp-json/>; rel="https://api.w.org/" <https://wp.me/9np3v>; rel=shortlink
last-modified
Thu, 10 Feb 2022 14:01:57 GMT
cache-control
max-age=300, must-revalidate
x-nananana
Batcache-Set
content-encoding
br
x-ac
2.hhn _atomic_ams

Redirect headers

Server
nginx
Date
Thu, 10 Feb 2022 14:01:57 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://shepastaway.org/
X-ac
2.hhn _atomic_ams
/
shepastaway.org/_static/ 		987 KB
133 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shepastaway.org/_static/??-eJydVNtS4zAM/SGMh4Fh+8Lstzi2moraVsaSCfn7dW6QpqRb8hbJOkeXI6VtlKUoEEU3PtcYWb+DNMaedSCXPbDGeMSIAoptIu9nu3u0zA/tNb7Oxawg1brK6J2uPNmz8lglkzrN0nnYB5UThE2oNx1lUXVCd5kDo/XZlT7eWQdwaMAXmoJcGk2BQ1IeamO7x4Dxv+jytrSXmHVpLZGlECBZ0P1kTQ0XTjW0yVPPrZ1s9QHRUWJ1c2R7yW+SWppQDlnGcarZt8YMqnAJogTHVJzaMIMUEi5ZDcO3qupnhpDVVzdNqZtPemxdmywUjAhaLfAp48RVi64GGTsY00yePmarpfVWW5MoM3jNLTZF+ipHtz2QTfT0oGbHvQSCHpyqjffQb/a2dS+hx/Ogwg+qXit0Z9haSCyhv9N/rnL1D9nFMYp8lX9rIFO4ZrJovBpqvzB+VcTyzBbfW8V8k6gjkfT7ZdKS7+b5LdAnCtCUmx5ijC1bD1aQ4h6uJqHFWCsxVT+gHQwJPhDa+6GzJgsZ+9C/4e3p9eX58HT483z4B4BOhKY=
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.171 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c2edf0f1a2002c918be080bd81683b3103c1e1b97076f5b0bc1492203b545bf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 02 Feb 2022 16:18:58 GMT
server
nginx
x-page-optimize
uncached
etag
W/"0e4955daf4973f1fd7cc75092f586a5c"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
date
Thu, 10 Feb 2022 14:01:57 GMT
x-ac
2.hhn _atomic_ams
host-header
WordPress.com
webfont.js
shepastaway.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shepastaway.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.171 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 08 Dec 2020 21:49:26 GMT
server
nginx
etag
W/"5fcff4e6-30cd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
date
Thu, 10 Feb 2022 14:01:57 GMT
x-ac
2.hhn _atomic_ams
expires
Thu, 17 Feb 2022 14:01:57 GMT
wp-emoji-release.min.js
shepastaway.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shepastaway.org/wp-includes/js/wp-emoji-release.min.js?ver=5.9
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.171 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
nginx
etag
W/"60bfebf0-4705"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
date
Thu, 10 Feb 2022 14:01:58 GMT
x-ac
2.hhn _atomic_ams
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.9.1
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5ef5f5c3d9e648dee1e1c1b863a6476bf9e12fc539c6fcf984908bdb8406707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shepastaway.org/
Origin
https://shepastaway.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 13:52:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 14:01:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 14:01:57 GMT
masterbar.css
shepastaway.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/wc-calypso-bridge/store-on-wpcom/assets/css/ 		728 B
540 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shepastaway.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/wc-calypso-bridge/store-on-wpcom/assets/css/masterbar.css?ver=1.8.6
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.171 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c5964852604fae6fb0997a80858f9f2ee0cb6159896741625306a3a9654d9f78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 01 Feb 2022 01:15:44 GMT
server
nginx
etag
W/"61f889c0-2d8"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
date
Thu, 10 Feb 2022 14:01:57 GMT
x-ac
2.hhn _atomic_ams
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
shepastaway.org/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shepastaway.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.171 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
date
Thu, 10 Feb 2022 14:01:57 GMT
x-ac
2.hhn _atomic_ams
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
shepastaway.org/_static/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shepastaway.org/_static/??wp-includes/js/jquery/jquery-migrate.min.js,wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js?m=1638896208
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.171 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
89c5314e12d29bf3bc413ae55b71d08b57919695674b14aed3c4ef8670ed2b2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 07 Dec 2021 16:56:48 GMT
server
nginx
x-page-optimize
uncached
etag
W/"b8765a7782472af02a67683cabbb586f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
date
Thu, 10 Feb 2022 14:01:57 GMT
x-ac
2.hhn _atomic_ams
host-header
WordPress.com
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1918114966255733
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80d2ee6a1968dfbef338c168666504b392ab0d6ab07a3a9155cdb78cdf59ecb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shepastaway.org/
Origin
https://shepastaway.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53584
x-xss-protection
0
server
cafe
etag
15173585621902811686
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 14:01:57 GMT
bilmur.min.js
s0.wp.com/wp-content/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/js/bilmur.min.js?m=202206
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a31787ee881a66e120b58304cb018cf42efa96f1e3b9fbd2255af685f2c2db57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 10 Feb 2022 14:01:58 GMT
content-encoding
br
server
nginx
etag
W/"61bc7883-14c4"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dca
timing-allow-origin
*
expires
Tue, 07 Feb 2023 00:00:01 GMT
/
shepastaway.org/_static/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shepastaway.org/_static/??-eJydj01Ow0AMhS/ExPxIVbpArDkAazTxTFtPZux07Cj09pSQChZQtV35Pdvvkz0NDoUtssGQxy2xQoo2eOzhnRihGykHIN4Qk0WnWCXnkz80hbhJejddRBl2YsJLORNF6bJgrxBIDdJPw3mm4o3k+mSm7c46+fgnOImglBIrRvCq0fQrnfZjrAc3I0ZabDPbt9czD/xN29R5LYAPwZk49NWuhiQ9LkpP8aiab3X7Ib/GC+SlPD+sntp2vXq8bz8BgzbNtA==
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.171 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
797e54b21a5de4e1ccb9cc64d9b23a7352898f5d649d3365239062f0c961821c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 07 Dec 2021 16:56:48 GMT
server
nginx
x-page-optimize
uncached
etag
W/"62cb370e6660b788ac8ddba145881c5c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
date
Thu, 10 Feb 2022 14:01:57 GMT
x-ac
2.hhn _atomic_ams
host-header
WordPress.com
cart-fragments.min.js
shepastaway.org/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shepastaway.org/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.2.0
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.171 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 23 Nov 2021 22:30:14 GMT
server
nginx
etag
W/"619d6b76-b7a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
date
Thu, 10 Feb 2022 14:01:57 GMT
x-ac
2.hhn _atomic_ams
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
shepastaway.org/_static/ 		215 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shepastaway.org/_static/??-eJytUltOAzEMvBBpeIhK/UAcpXK9bjdtEke2s0s5PVlo1UVQoUp8WRpPxp5xxuKQs1E2X2Ldhax+ZEZOiQTJFTgWiFNJjaI+cVcjqS8Fi9tUM87egyq13l79F7LY6934UzdBiNiHVNyWxc2m+FI3MeAkcOF82+Kzv0jhmvSerAAe/DpkbEuE2HkE4aoUzz13Bn6RsZ5SM6XGQltp4MxShiHswEKzdX3+fNlGphGO5+jorQipOuwJD1zn0iNeyIXQsXQkTmgINP5h9FTXA+WOxUM1TmA2hXiyG+H96EKCXTPWBTUfmpIo4WTF8UZJBpL/HzMDbkh5/ht6gimHdi+78VZb5ubx9Og1vTwsn1bP96vV8vEDsrId9Q==
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.171 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d01579369eb4c9cb6ecad8d3e7c22941fa43689e6811c5aca5fe20728b8c806c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 14 Dec 2021 19:26:02 GMT
server
nginx
x-page-optimize
uncached
etag
W/"6391c1b62b13bfbddeed460d496ca51b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
date
Thu, 10 Feb 2022 14:01:57 GMT
x-ac
2.hhn _atomic_ams
host-header
WordPress.com
e-202206.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202206.js
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc
HIT hhn
date
Thu, 10 Feb 2022 14:01:58 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 22 Jan 2023 20:00:49 GMT
css
fonts.googleapis.com/ 		3 KB
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Domine:r,i,b,bi%7CEB+Garamond:r&subset=latin,latin-ext,latin,latin-ext
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0965456bb11b95d06a2a814e84dcb45ac286dd12d1410da952c060cf3226f62d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 14:01:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 14:01:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 14:01:57 GMT
L0x8DFMnlVwD4h3hu_qn.woff2
fonts.gstatic.com/s/domine/v17/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/domine/v17/L0x8DFMnlVwD4h3hu_qn.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Domine:r,i,b,bi%7CEB+Garamond:r&subset=latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edbfbc1fb14bc704831f952888b7e51e96e69e9075d7768f2a0d8b24fc0b0b9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shepastaway.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 07:01:47 GMT
x-content-type-options
nosniff
age
111610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27760
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:40:07 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 07:01:47 GMT
SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
fonts.gstatic.com/s/ebgaramond/v24/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ebgaramond/v24/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Domine:r,i,b,bi%7CEB+Garamond:r&subset=latin,latin-ext,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0e2e4f3925ac951585a8e9a50a38861646106b56c059d111b80da01eb5976d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shepastaway.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 05:38:07 GMT
x-content-type-options
nosniff
age
30230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20472
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:28:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 10 Feb 2023 05:38:07 GMT
sw.js
analytics.sitewit.com/v3/67591910/ 		19 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.sitewit.com/v3/67591910/sw.js
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d01:9623:b882:49cb:3964 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4d46a3afa9a03f7ac48ee48b8dfbb7086db35c5d4ad9ebfcebe5e12c0a06593b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
cache-control
private,no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
text/javascript; charset=utf-8
content-length
19532
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
wZvOQ9p9X5HBTvZYjOms+XDK8zkdRs2wZetaj+0dfncf0UkBTgE0MPw/GRLlP5FFpo3NAt7I6BMChUa5LVVgeg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Thu, 10 Feb 2022 14:01:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202020101/ 		286 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1918114966255733&plah=shepastaway.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1918114966255733
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c6571248761a3e4984d37e72227bb4e11a1e407fa30438b25863eed231b456f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105562
x-xss-protection
0
server
cafe
etag
10449989649523951561
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 14:01:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/ Frame 8053 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220208/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1918114966255733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Wed, 09 Feb 2022 21:54:54 GMT
expires
Wed, 23 Feb 2022 21:54:54 GMT
cache-control
public, max-age=1209600
age
58024
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3569
date
Thu, 10 Feb 2022 13:02:29 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 10 Feb 2022 15:02:29 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.9.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shepastaway.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 14:56:27 GMT
x-content-type-options
nosniff
age
83131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 14:56:27 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.9.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shepastaway.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 14:06:47 GMT
x-content-type-options
nosniff
age
172511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13008
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 14:06:47 GMT
fa-solid-900.woff2
shepastaway.org/wp-content/themes/storefront/assets/fonts/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shepastaway.org/wp-content/themes/storefront/assets/fonts/fa-solid-900.woff2
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/_static/??-eJydVNtS4zAM/SGMh4Fh+8Lstzi2moraVsaSCfn7dW6QpqRb8hbJOkeXI6VtlKUoEEU3PtcYWb+DNMaedSCXPbDGeMSIAoptIu9nu3u0zA/tNb7Oxawg1brK6J2uPNmz8lglkzrN0nnYB5UThE2oNx1lUXVCd5kDo/XZlT7eWQdwaMAXmoJcGk2BQ1IeamO7x4Dxv+jytrSXmHVpLZGlECBZ0P1kTQ0XTjW0yVPPrZ1s9QHRUWJ1c2R7yW+SWppQDlnGcarZt8YMqnAJogTHVJzaMIMUEi5ZDcO3qupnhpDVVzdNqZtPemxdmywUjAhaLfAp48RVi64GGTsY00yePmarpfVWW5MoM3jNLTZF+ipHtz2QTfT0oGbHvQSCHpyqjffQb/a2dS+hx/Ogwg+qXit0Z9haSCyhv9N/rnL1D9nFMYp8lX9rIFO4ZrJovBpqvzB+VcTyzBbfW8V8k6gjkfT7ZdKS7+b5LdAnCtCUmx5ijC1bD1aQ4h6uJqHFWCsxVT+gHQwJPhDa+6GzJgsZ+9C/4e3p9eX58HT483z4B4BOhKY=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.171 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://shepastaway.org/_static/??-eJydVNtS4zAM/SGMh4Fh+8Lstzi2moraVsaSCfn7dW6QpqRb8hbJOkeXI6VtlKUoEEU3PtcYWb+DNMaedSCXPbDGeMSIAoptIu9nu3u0zA/tNb7Oxawg1brK6J2uPNmz8lglkzrN0nnYB5UThE2oNx1lUXVCd5kDo/XZlT7eWQdwaMAXmoJcGk2BQ1IeamO7x4Dxv+jytrSXmHVpLZGlECBZ0P1kTQ0XTjW0yVPPrZ1s9QHRUWJ1c2R7yW+SWppQDlnGcarZt8YMqnAJogTHVJzaMIMUEi5ZDcO3qupnhpDVVzdNqZtPemxdmywUjAhaLfAp48RVi64GGTsY00yePmarpfVWW5MoM3jNLTZF+ipHtz2QTfT0oGbHvQSCHpyqjffQb/a2dS+hx/Ogwg+qXit0Z9haSCyhv9N/rnL1D9nFMYp8lX9rIFO4ZrJovBpqvzB+VcTyzBbfW8V8k6gjkfT7ZdKS7+b5LdAnCtCUmx5ijC1bD1aQ4h6uJqHFWCsxVT+gHQwJPhDa+6GzJgsZ+9C/4e3p9eX58HT483z4B4BOhKY=
Origin
https://shepastaway.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
x-ac
2.hhn _atomic_ams
last-modified
Tue, 15 Dec 2020 22:33:38 GMT
server
nginx
etag
"5fd939c2-13654"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
79444
expires
Thu, 17 Feb 2022 14:01:58 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.9.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shepastaway.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 14:41:55 GMT
x-content-type-options
nosniff
age
84003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12936
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:32 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 14:41:55 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.9.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shepastaway.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:39:33 GMT
x-content-type-options
nosniff
age
231745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 07 Feb 2023 21:39:33 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/gif
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlBduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlBduz8A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.9.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b4c0aaac9237f559675cfbb4e881f4a5ecd5d2ea3bb62904a45a3d7cbfd48d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shepastaway.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 07:35:28 GMT
x-content-type-options
nosniff
age
195990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6992
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:31 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 07:35:28 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qO67lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qO67lqDY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.9.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99fbe63059288e616bf0889665f2bb74e43f9a03fe4ce8cd2724eeae502f3be2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shepastaway.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 03:07:29 GMT
x-content-type-options
nosniff
age
125669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7020
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:12:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 03:07:29 GMT
d22495a98bba93186b25e26d8.js
chimpstatic.com/mcjs-connected/js/users/312a7deeddf0cb0a5ca23b533/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/312a7deeddf0cb0a5ca23b533/d22495a98bba93186b25e26d8.js
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.177.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-177-117.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
98, 101, 95
Date
Thu, 10 Feb 2022 14:01:58 GMT
Content-Encoding
gzip
x-amz-request-id
CAAGGQJ72NYG1GSD
X-EdgeConnect-MidMile-RTT
0, 0, 0
Connection
keep-alive
Content-Length
653
x-amz-id-2
djgQ1rZkWGMrhzXhkPIUrfVUX3GgRaMqrozpVQJ5R0nXvYF9JpMme69h6OZGJ5KQ+pv6E1MOLG4=
Last-Modified
Fri, 02 Oct 2020 12:55:36 GMT
Server
AmazonS3
ETag
"4b60d3ea13c42468679685c32a1680ac"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1767
Accept-Ranges
bytes
Expires
Thu, 10 Feb 2022 14:31:25 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.7-a.1&blog=138564885&post=0&tz=2&srv=shepastaway.org&host=shepastaway.org&ref=&fcp=1041&rand=0.8502057703448263
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 10 Feb 2022 14:01:58 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
js
www.paypal.com/sdk/ 		318 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=ATW5IwJePXMzO2aU3R5M1F6kX2S2_L6G5Bx4QSVhy9bbAOL-KajsjqHQggx_f-y86mEl2EcqLLhcal60&currency=EUR&integration-date=2021-09-17&components=buttons&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater
Requested by
Host:
URL: webpack-internal:///94
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8b940343cd9f6cd2f9d20062e3c5c5a4cd476f5a6701a63ea3cba18cc04534bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-OEJ37ZK0N8Gl+VjpSo/RIPS6ap2WFgasGGPxMASqTc5abawP' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-OEJ37ZK0N8Gl+VjpSo/RIPS6ap2WFgasGGPxMASqTc5abawP' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-OEJ37ZK0N8Gl+VjpSo/RIPS6ap2WFgasGGPxMASqTc5abawP' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-OEJ37ZK0N8Gl+VjpSo/RIPS6ap2WFgasGGPxMASqTc5abawP' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
4486
via
1.1 varnish
x-cache
HIT
p3p
true
paypal-debug-id
f956844ce0203
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
99012
x-xss-protection
1; mode=block
x-served-by
cache-hhn4054-HHN
x-timer
S1644501718.301143,VS0,VE2
x-frame-options
SAMEORIGIN
date
Thu, 10 Feb 2022 14:01:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"182c4-DwwdkJNsLtObU6nFiKypkKqJo2U"
accept-ranges
bytes
x-cache-hits
1
/
shepastaway.org/ 		712 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shepastaway.org/?wc-ajax=get_refreshed_fragments
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.171 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a5a158f829228bea657cbf364dccde690f3379634e78a26a0a2bed4e8f08362d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://shepastaway.org/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
server
nginx
date
Thu, 10 Feb 2022 14:01:58 GMT
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://shepastaway.org
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-ac
2.hhn _atomic_ams
host-header
WordPress.com
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
SPA-NEW-POSTER-1.jpg
i0.wp.com/shepastaway.org/wp-content/uploads/2021/10/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/shepastaway.org/wp-content/uploads/2021/10/SPA-NEW-POSTER-1.jpg?resize=724%2C1024&ssl=1
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
7b94a75bb4e15a93dfb983abfc8ebe417a2799f6bd32e79cbf1dc6bbbeafdf21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Thu, 10 Feb 2022 14:01:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 30 Dec 2021 16:49:39 GMT
server
nginx
etag
"a05391c947218b35"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://shepastaway.org/wp-content/uploads/2021/10/SPA-NEW-POSTER-1.jpg>; rel="canonical"
content-length
78412
expires
Sun, 31 Dec 2023 04:49:39 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704243907&utmhn=shepastaway.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=She%20Past%20Away%20Official%20Website&utmhid=746132207&utmr=-&utmp=%2F&utmht=1644501718227&utmac=UA-171453016-1&utmcc=__utma%3D124838984.1406375181.1644501718.1644501718.1644501718.1%3B%2B__utmz%3D124838984.1644501718.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=676050107&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 14:01:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.52
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
QfH7Ai4+hF39ZVeQnhAbP8Mt1ZG2jxtGe+moiGghHkkbLOn7STpxHU6h5cWZt41pY7nsH24gOYdM8xSRfvKBVQ==
x-frame-options
DENY
date
Thu, 10 Feb 2022 14:01:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
311878493581685
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/311878493581685?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d67a4d6a1d2316c367171ecd5c2675625168bbfc42a91026c5c9a4cd7dbbfe2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
RkE3Giz3ic84j7zqPCqsJDRPKZXR1ghnbDT/Lm0tj0+Cki7QNeYeGJ+oSaWEMUoPN2raCQ3nxp4UcY61rnmEJA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 10 Feb 2022 14:01:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		219 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=shepastaway.org&callback=_gfp_s_&client=ca-pub-1918114966255733
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1918114966255733&plah=shepastaway.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3d009e1daba8e1681f80d6b0158c307e7e76872d906699c2fef8c8edfec63092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=shepastaway.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1918114966255733&plah=shepastaway.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 14:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shepastaway.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1918114966255733&plah=shepastaway.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 14:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 139F 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1918114966255733&output=html&adk=1812271804&adf=3025194257&lmt=1644501717&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshepastaway.org%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644501718076&bpp=23&bdt=416&idt=173&shv=r20220208&mjsv=m202202020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1936188062073&frm=20&pv=2&ga_vid=1406375181.1644501718&ga_sid=1644501718&ga_hid=746132207&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C21066434&oid=2&pvsid=3154760148017271&pem=523&tmod=2099398223&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=187
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1918114966255733&plah=shepastaway.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 10 Feb 2022 14:01:58 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 10 Feb 2022 14:01:58 GMT
cache-control
private
pptm.js
www.paypal.com/tagmanager/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=shepastaway.org&t=xo&v=5.0.281&source=payments_sdk&client_id=ATW5IwJePXMzO2aU3R5M1F6kX2S2_L6G5Bx4QSVhy9bbAOL-KajsjqHQggx_f-y86mEl2EcqLLhcal60&comp=buttons&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATW5IwJePXMzO2aU3R5M1F6kX2S2_L6G5Bx4QSVhy9bbAOL-KajsjqHQggx_f-y86mEl2EcqLLhcal60&currency=EUR&integration-date=2021-09-17&components=buttons&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3d8db8b53c69b247ab0a668bb4ab66b1f8cebc6234312c35e6da506287fbc27e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-kiwW+y7YmkPls+ATaEjArsLsIrWMYj6FLueB3Q7qtv5ldLRM' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-kiwW+y7YmkPls+ATaEjArsLsIrWMYj6FLueB3Q7qtv5ldLRM' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
56974
x-cache
HIT
paypal-debug-id
f749540032004
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4763
x-xss-protection
1; mode=block
x-served-by
cache-hhn4054-HHN
x-timer
S1644501718.362076,VS0,VE2
x-frame-options
SAMEORIGIN
date
Thu, 10 Feb 2022 14:01:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=3600
etag
W/"3557-7IbDviIWiZf91/b4iV4muK8ny90"
accept-ranges
bytes
x-cache-hits
1
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=311878493581685&ev=PageView&dl=https%3A%2F%2Fshepastaway.org%2F&rl=&if=false&ts=1644501718363&cd[source]=woocommerce&cd[version]=6.2.0&cd[pluginVersion]=2.6.9&sw=1600&sh=1200&v=2.9.52&r=stable&a=woocommerce-6.2.0-2.6.9&ec=0&o=30&fbp=fb.1.1644501718362.1906839364&it=1644501718237&coo=false&exp=p0&rqm=GET
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 10 Feb 2022 14:01:58 GMT
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=shepastaway.org&t=xo&v=5.0.281&source=payments_sdk&client_id=ATW5IwJePXMzO2aU3R5M1F6kX2S2_L6G5Bx4QSVhy9bbAOL-KajsjqHQggx_f-y86mEl2EcqLLhcal60&comp=buttons&vault=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c99732bf8ac7c7d998b435629314511b94de740265771f270f45b08e5e85ab4f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
405e5a9542c06
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
16464
x-served-by
cache-sjc10036-SJC, cache-hhn4025-HHN
last-modified
Tue, 21 Dec 2021 17:39:14 GMT
x-timer
S1644501718.424704,VS0,VE0
etag
W/"61c21142-da7e"
strict-transport-security
max-age=31557600
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
342317, 78
ts
t.paypal.com/ 		42 B
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AFMX92MCLR9Y26-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AFMX92MCLR9Y26-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=922d538d-8871-4ce8-8ff4-8c9e408c9f10&fltp=analytics&mrid=FMX92MCLR9Y26&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=She%20Past%20Away%20Official%20Website&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1644501718376&g=0&completeurl=https%3A%2F%2Fshepastaway.org%2F
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
c5fb5fee19942
x-cache-hits
0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn4022-HHN
pragma
no-cache
x-timer
S1644501718.421663,VS0,VE158
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Feb 2022 14:01:58 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 04B7 		54 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ecf06dedf2cd2406947af6daf66bc6ab53224366f9a31da716d4416a0c58e020
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/

Response headers

content-encoding
gzip
content-type
text/html
etag
W/"61c21142-d9ea"
last-modified
Tue, 21 Dec 2021 17:39:14 GMT
paypal-debug-id
be807a3ecfd2b
dc
ccg11-origin-www-1.paypal.com
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Thu, 10 Feb 2022 14:01:58 GMT
x-served-by
cache-sjc10042-SJC, cache-hhn4025-HHN
x-cache
HIT, HIT
x-cache-hits
511752, 110
x-timer
S1644501718.461086,VS0,VE0
vary
Accept-Encoding
cache-control
public,max-age=3600
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
content-length
16790
noop.js
www.paypalobjects.com/muse/ Frame 04B7 		18 B
201 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
ef9c765e4af1c
x-cache-hits
125722, 4
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
38
x-served-by
cache-sjc10047-SJC, cache-hhn4025-HHN
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
x-timer
S1644501719.503726,VS0,VE0
etag
"60271cd0-12"
strict-transport-security
max-age=31557600
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public,max-age=3600
accept-ranges
bytes
x-client-location
DE
ts
t.paypal.com/ 		42 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AFMX92MCLR9Y26-1&page=muse%3Aoffer%3A%3A%3AFMX92MCLR9Y26-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=922d538d-8871-4ce8-8ff4-8c9e408c9f10&es=visitorInfoFlowStarted&mrid=FMX92MCLR9Y26&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=She%20Past%20Away%20Official%20Website&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1644501718494&g=0&completeurl=https%3A%2F%2Fshepastaway.org%2F
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
c1ed2bb46b43e
x-cache-hits
0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn4022-HHN
pragma
no-cache
x-timer
S1644501719.504296,VS0,VE147
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Feb 2022 14:01:58 GMT
sw_connect.js
connect.sitewit.com/js/67591910/ 		23 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.sitewit.com/js/67591910/sw_connect.js?&ns=sw
Requested by
Host: analytics.sitewit.com
URL: https://analytics.sitewit.com/v3/67591910/sw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.11.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-11-1.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c71b243fedf9d5386f4b0d649991e7612c2f6405b13ffad130553f05b692f194

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
cache-control
private
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
text/javascript; charset=utf-8
content-length
23
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
cq_blank.gif
analytics.sitewit.com/images/ 		35 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.sitewit.com/images/cq_blank.gif?_sw_id=67591910&_sw_uid=4941e091-dd65-4d7f-ad89-df040a9c5cc4&_sw_fp=3bb033a0724d943671b0c0ea401de0d3406744cb&_sw_pl=306&_sw_pc=3&_sw_dat=MXxzaGVwYXN0YXdheS5vcmd8aHR0cHM6Ly9zaGVwYXN0YXdheS5vcmcvfGVuLVVTfDE2MDB8MTIwMHwyNHxDaHJvbWUvOTguMC40NzU4LjgwfHg2NHwxfDB8MXwwfC18fC18LXwtfDIwMDE6MWI2MDoxMDEwOjI6MTAxMjpjNDA2OjllNjQ6OTIwM3ww&to=513
Requested by
Host: shepastaway.org
URL: https://shepastaway.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d01:9623:b882:49cb:3964 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
last-modified
Thu, 24 Jun 2010 20:21:15 GMT
server
Microsoft-IIS/10.0
etag
"9f8deacbda13cb1:0"
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
35
graphql
www.paypal.com/targeting/ Frame 04B7 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7926eb6cbb180fa44593a1a0028b836e72e39d8697ffab9903c052b245464ee1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-QtpmPqdPvlN21W5SQCxCrQYLkm+QC6Xd5pQJwDJaNfXvRuHb' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-QtpmPqdPvlN21W5SQCxCrQYLkm+QC6Xd5pQJwDJaNfXvRuHb' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish
vary
Accept-Encoding
x-cache
MISS
paypal-debug-id
f7266738b2b09
date
Thu, 10 Feb 2022 14:01:59 GMT
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-hhn4054-HHN
x-timer
S1644501719.746316,VS0,VE269
x-frame-options
SAMEORIGIN
etag
W/"1b3-85CMpeLxAYnScepg2A4H9e8MzBk"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
content-encoding
br
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.paypalobjects.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
f7266735b0f2a
dc
ccg11-origin-www-1.paypal.com
accept-ranges
bytes
date
Thu, 10 Feb 2022 14:01:58 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn4029-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1644501719.562320,VS0,VE168
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220208&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1918114966255733&plah=shepastaway.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a935e3ff39758cedcba880afd0917e365bdfb4f79da02ab80ed757e047e6fda7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Feb 2022 14:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9685
x-xss-protection
0
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=311878493581685&ev=Microdata&dl=https%3A%2F%2Fshepastaway.org%2F&rl=&if=false&ts=1644501718866&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22She%20Past%20Away%20Official%20Website%22%2C%22meta%3Adescription%22%3A%22She%20Past%20Away%20is%20dark-wave%20with%20a%20reworked%2080%27s%20sound.%20Signature%20guitar%20sound%20of%20the%20post-punk%20era%2C%20combined%20with%20minimalist%20poetry%20in%20Turkish.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22She%20Past%20Away%20Official%20Website%22%2C%22og%3Adescription%22%3A%22She%20Past%20Away%20is%20dark-wave%20with%20a%20reworked%2080%27s%20sound.%20Signature%20guitar%20sound%20of%20the%20post-punk%20era%2C%20combined%20with%20minimalist%20poetry%20in%20Turkish.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fshepastaway.org%2F%22%2C%22og%3Asite_name%22%3A%22She%20Past%20Away%20Official%20Website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fi0.wp.com%2Fshepastaway.org%2Fwp-content%2Fuploads%2F2020%2F03%2Fcropped-logo.jpg%3Ffit%3D512%252C512%26ssl%3D1%22%2C%22og%3Aimage%3Awidth%22%3A%22512%22%2C%22og%3Aimage%3Aheight%22%3A%22512%22%2C%22og%3Aimage%3Aalt%22%3A%22%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FImageGallery%22%7D%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%2F%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22name%22%3A%22Home%22%2C%22%40id%22%3A%22https%3A%2F%2Fshepastaway.org%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.52&r=stable&a=woocommerce-6.2.0-2.6.9&ec=1&o=30&fbp=fb.1.1644501718362.1906839364&it=1644501718237&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Thu, 10 Feb 2022 14:01:58 GMT
logger
www.paypal.com/xoplatform/logger/api/ 		829 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATW5IwJePXMzO2aU3R5M1F6kX2S2_L6G5Bx4QSVhy9bbAOL-KajsjqHQggx_f-y86mEl2EcqLLhcal60&currency=EUR&integration-date=2021-09-17&components=buttons&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
50a16b2e61922c2f384a0930b2086f02c0663820e57e18fb1151412c3e6bd4b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://shepastaway.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Thu, 10 Feb 2022 14:01:59 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
paypal-debug-id
f726673676c93
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4029-HHN
x-timer
S1644501719.063255,VS0,VE158
etag
W/"33d-0wnsIii0mHYOBhOGfBCTqSJYQU4"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shepastaway.org
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://shepastaway.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://shepastaway.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
f7266737882c3
x-content-type-options
nosniff
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
date
Thu, 10 Feb 2022 14:01:59 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn4029-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1644501719.897193,VS0,VE148
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-encoding
br
vary
accept-encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1918114966255733&plah=shepastaway.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 14:01:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 583E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 10 Feb 2022 13:02:59 GMT
expires
Fri, 10 Feb 2023 13:02:59 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
3540
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E10D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2587427a34ad488a299ebfc8bc6ec31b30ed1b92a3d20f6c6996183627b74224
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kFbT9DL7HGP3eDev3Ph6ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 10 Feb 2022 14:01:59 GMT
date
Thu, 10 Feb 2022 14:01:59 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-kFbT9DL7HGP3eDev3Ph6ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gzxFwBIDWVjrNRUrZhLg_NzoVxp69M9kEQUe35bI4iA.js
pagead2.googlesyndication.com/bg/ Frame 583E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gzxFwBIDWVjrNRUrZhLg_NzoVxp69M9kEQUe35bI4iA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
833c45c012035958eb35152b6612e0fcdce8571a7af4cf6411051edf96c8e220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 07:08:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
24829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13673
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Feb 2023 07:08:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E10D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220208&jk=3154760148017271&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 583E 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Tb_XzA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 14:01:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220208&jk=3154760148017271&bg=!Li2lLWnNAAbS3PJy0tw7ACkAdvg8WhJST2J7Z8-jRNenX1dsVbEYyz1m5hz6AkwejDYpJSzGd53FpwIAAABYUgAAAAJoAQeZAoUncuAzRsxKHzinedGgzw_SmUBmyD5ZZj0aD5LCkQnCMQhBMXE3nqwKlaX2Wp3XXxu7uyuCqRcOjcNUjLF3fflenCjOV_tCXALaO9OrACbuhKpE4VGWECKc2qTP-TVXzc2ghfZUU87A4T7OEauevETPF2TMmegQDtbCuoF0DHTFWHvbQz-SGRnY2YV4USNz-kp2_AAGvLjVzyUOHtDOQZlM7pJi7WIl_Uum9tODhlDk-chqY9WnezfWZ5R2c7v5gZ6l2x2mRgikhLlrqinbSC3u99cOafkvk-gotELV5HorqTOqygDfEqB2PAh-d9CDnRyXUaik9VwLUsVn-J69QEqzcNAzGhlD0d1ERuezSxLB8T3wMqH3fdgTNOINVl0zZqiP5P6JhCnOgPpyWVb7ZgjBqsM4-DI5JZy9wrfvmE3ZDmRTK3V-YBHojcoo-qvX2enoKuCMGKsVkvQO44DrRoSxL4vsJG1NKBg8llJ1gIoT3NAdAB7cOKn_O3BoR8ad1TJAqNIIiKOytK3IgvNnxMrrV4wIXpq33WbwGVMbLdnzu5az-9n_L1wZApHqlKZycK1Kd2H4PkCS8Y1SNtPhsRWUhoxOnbUA-e38lDn1Nu4inWB3HwNjoCthHl2sNJ46jaHs0w4PxKt9YdGJrNBxRUgauoVB0BLHz3uTCVSGRtNiU_M4sfyWlQKLLzgncyEYapycSB5n75VQYHXYUlR85k2Zo2RLw19zgIQlGeW04m3po3O4is57e3wxXv6xe6OgCsm7quIqaN3PUeuqVpZg75eM5EVvdQZUqCU6ULKBBGJPzU3dTQeqr5uPNfYQKHBmMRFJM5VWmSacuxjd-Fvkt-chAd2tnfg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 14:01:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
boom.gif
pixel.wp.com/ 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.004&largest_contentful_paint=1209&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&host_name=shepastaway.org&url_path=%2F&nt_fetchStart=51&nt_domainLookupStart=52&nt_domainLookupEnd=52&nt_connectStart=52&nt_connectEnd=88&nt_secureConnectionStart=66&nt_requestStart=88&nt_responseStart=544&nt_responseEnd=597&nt_domLoading=547&nt_domInteractive=1078&nt_domContentLoadedEventStart=1080&nt_domContentLoadedEventEnd=1082&nt_domComplete=1722&nt_loadEventStart=1722&nt_loadEventEnd=1724&nt_redirectCount=0&nt_api_level=2&start_render=1041&first_contentful_paint=1041&resource_size=1982722&resource_transferred=534424&js_size=827443&js_transferred=273744&resource_cache_percent=0&js_cache_percent=0&last_resource_end=2150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shepastaway.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 10 Feb 2022 14:02:01 GMT
cache-control
no-cache
server
nginx

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| WebFontConfig object| _wpemojiSettings object| WebFont undefined| $ function| jQuery object| _swaMa function| fbq function| _fbq object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async object| _gaq function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| infiniteScroll object| coblocksLigthboxData object| wc_add_to_cart_params object| woocommerce_params function| Cookies object| wc_cart_fragments_params object| PayPalCommerceGateway object| mailchimp_public_data object| jetpackSwiperLibraryPath object| jetpackCarouselStrings object| storefrontScreenReaderText object| jetpackLazyImagesL10n object| mailchimp object| mailchimp_cart object| mailchimp_billing_email object| mailchimp_username_email object| mailchimp_registration_email boolean| mailchimp_submitted_email function| mailchimpReady function| mailchimpGetCurrentUserByHash function| mailchimpHandleBillingEmail object| _stq function| st_go function| linktracker_init object| wpcom object| _gat object| gaGlobal object| twemoji object| wp function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| __post_robot_10_0_46___uid_kwaakeeuqumnhdnsiuqflxbeimypfi object| paypal object| __zoid_9_0_86___uid_kwaakeeuqumnhdnsiuqflxbeimypfi object| $mcSite object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL object| _sw_b6 function| gup function| _swInitPageRegister function| _sw_analytics function| _sw_cookie function| _sw_user_info function| _sw_hit_info function| _sw_item function| _sw_transaction function| _sw_crypto object| sw object| uapl string| enctype object| oa string| vers string| osv number| c2 number| c1 object| GoogleGcLKhOms object| google_image_requests

21 Cookies

Domain/Path Name / Value
.shepastaway.org/ Name: __utma
Value: 124838984.1406375181.1644501718.1644501718.1644501718.1
.shepastaway.org/ Name: __utmc
Value: 124838984
.shepastaway.org/ Name: __utmz
Value: 124838984.1644501718.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.shepastaway.org/ Name: __utmt
Value: 1
.shepastaway.org/ Name: __utmb
Value: 124838984.1.10.1644501718
.shepastaway.org/ Name: __gads
Value: ID=23b7234edade0bc2-229bb3f63acd0079:T=1644501718:RT=1644501718:S=ALNI_Mb_eggUP8IYiZiFThRUqB8Csx3YeA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.shepastaway.org/ Name: _fbp
Value: fb.1.1644501718362.1906839364
.shepastaway.org/ Name: _swa_u
Value: 4941e091-dd65-4d7f-ad89-df040a9c5cc4
.paypalobjects.com/ Name: paypal-offers--country
Value: DE
analytics.sitewit.com/ Name: AWSALBCORS
Value: 5g0eAlkmzI2hZOdOzRLfLYlJNXIIo4KC1F+hxpwwrJ5y0PTk/q40d3w7NXa0lrGQ5Uj5W5klNw/3WNEjtmPQFYfWQb2cVf+kuMPJG71vFu44ViaERDIMUFALufxY
.paypal.com/ Name: ts_c
Value: vr%3De3f0d63717e0a89c90a4c7caffffffff%26vt%3De3f0d63717e0a89c90a4c7cafffffffe
connect.sitewit.com/ Name: AWSALBCORS
Value: 6QL0zEuDJYw9NbbQEBx23TKeS1GzIzS6IfDOHZzE3C+rC2mRenNkDz+z4+g0DjuzsKkSVw+37Kb4UDnJEUt/rzVbsJj+LiXEmEAk56yxzgMznq4h1CMQa8VHzTCS
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY0NDUwMTcxODkzMSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: targetingnodeweb
www.paypal.com/ Name: nsid
Value: s%3Aq5_uAScFLhKS2qwPkgW-YOLKmRUk_uFV.NRXHYvU42PFVj1HDMQoigAwYLgmY1Q5WKjvagk1azEc
.paypal.com/ Name: l7_az
Value: dcg01.phx
.paypal.com/ Name: ts
Value: vreXpYrS%3D1739196118%26vteXpYrS%3D1644503518%26vr%3De3f0d63717e0a89c90a4c7caffffffff%26vt%3De3f0d63717e0a89c90a4c7cafffffffe%26vtyp%3D
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
analytics.sitewit.com
chimpstatic.com
connect.facebook.net
connect.sitewit.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
s0.wp.com
shepastaway.org
ssl.google-analytics.com
stats.wp.com
t.paypal.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.paypal.com
www.paypalobjects.com
142.250.184.226
151.101.1.21
151.101.129.35
151.101.66.133
192.0.76.3
192.0.77.2
192.0.77.32
192.0.78.171
2.17.177.117
2600:1f18:243f:2d01:9623:b882:49cb:3964
2a00:1450:4001:801::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
54.209.11.1
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0965456bb11b95d06a2a814e84dcb45ac286dd12d1410da952c060cf3226f62d
0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b4c0aaac9237f559675cfbb4e881f4a5ecd5d2ea3bb62904a45a3d7cbfd48d5
2587427a34ad488a299ebfc8bc6ec31b30ed1b92a3d20f6c6996183627b74224
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
2d67a4d6a1d2316c367171ecd5c2675625168bbfc42a91026c5c9a4cd7dbbfe2
3d009e1daba8e1681f80d6b0158c307e7e76872d906699c2fef8c8edfec63092
3d8db8b53c69b247ab0a668bb4ab66b1f8cebc6234312c35e6da506287fbc27e
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
4d46a3afa9a03f7ac48ee48b8dfbb7086db35c5d4ad9ebfcebe5e12c0a06593b
50a16b2e61922c2f384a0930b2086f02c0663820e57e18fb1151412c3e6bd4b0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
7926eb6cbb180fa44593a1a0028b836e72e39d8697ffab9903c052b245464ee1
797e54b21a5de4e1ccb9cc64d9b23a7352898f5d649d3365239062f0c961821c
7b94a75bb4e15a93dfb983abfc8ebe417a2799f6bd32e79cbf1dc6bbbeafdf21
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
80d2ee6a1968dfbef338c168666504b392ab0d6ab07a3a9155cdb78cdf59ecb7
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833c45c012035958eb35152b6612e0fcdce8571a7af4cf6411051edf96c8e220
89c5314e12d29bf3bc413ae55b71d08b57919695674b14aed3c4ef8670ed2b2a
8b940343cd9f6cd2f9d20062e3c5c5a4cd476f5a6701a63ea3cba18cc04534bc
99fbe63059288e616bf0889665f2bb74e43f9a03fe4ce8cd2724eeae502f3be2
9c6571248761a3e4984d37e72227bb4e11a1e407fa30438b25863eed231b456f
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe
a31787ee881a66e120b58304cb018cf42efa96f1e3b9fbd2255af685f2c2db57
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a5a158f829228bea657cbf364dccde690f3379634e78a26a0a2bed4e8f08362d
a935e3ff39758cedcba880afd0917e365bdfb4f79da02ab80ed757e047e6fda7
b5ef5f5c3d9e648dee1e1c1b863a6476bf9e12fc539c6fcf984908bdb8406707
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2edf0f1a2002c918be080bd81683b3103c1e1b97076f5b0bc1492203b545bf2
c5964852604fae6fb0997a80858f9f2ee0cb6159896741625306a3a9654d9f78
c71b243fedf9d5386f4b0d649991e7612c2f6405b13ffad130553f05b692f194
c99732bf8ac7c7d998b435629314511b94de740265771f270f45b08e5e85ab4f
d01579369eb4c9cb6ecad8d3e7c22941fa43689e6811c5aca5fe20728b8c806c
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0e2e4f3925ac951585a8e9a50a38861646106b56c059d111b80da01eb5976d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecf06dedf2cd2406947af6daf66bc6ab53224366f9a31da716d4416a0c58e020
edbfbc1fb14bc704831f952888b7e51e96e69e9075d7768f2a0d8b24fc0b0b9d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
feb9edda1d5726341c6fa8d419fe9f1a99518d4a62f6a250f9fa38a235bd25cc