urlscan.io logo urlscan.io
SecurityTrails logo

mybooster.com Open in urlscan Pro
18.214.171.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mybooster.com/a/s/jIDnj-Nm/
Effective URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsor...
Submission: On February 16 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 4 countries across 19 domains to perform 68 HTTP transactions. The main IP is 18.214.171.19, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is mybooster.com. The Cisco Umbrella rank of the primary domain is 288545.
TLS certificate: Issued by Amazon on April 1st 2021. Valid for: a year.
This is the only time mybooster.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 18.214.171.19 14618 (AMAZON-AES)
1 151.101.2.2 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.217.133.73 16509 (AMAZON-02)
3 7 2600:9000:225... 16509 (AMAZON-02)
9 2a04:4e42:200... 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
1 35.171.59.225 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.121.116 16509 (AMAZON-02)
1 18.66.97.53 16509 (AMAZON-02)
4 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
4 151.101.67.9 54113 (FASTLY)
2 52.72.213.233 14618 (AMAZON-AES)
1 52.222.236.43 16509 (AMAZON-02)
3 34.206.210.180 14618 (AMAZON-AES)
1 108.157.4.7 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
68 25
9    18.214.171.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-171-19.compute-1.amazonaws.com
mybooster.com
1    151.101.2.2 (United States)

ASN54113 (FASTLY, US)
cdn.split.io
2    2a00:1450:400e:803::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    52.217.133.73 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
funrun-prod.s3.amazonaws.com
7    2600:9000:225e:3000:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
9    2a04:4e42:200::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
ssl.p.jwpcdn.com
prd.jwpltx.com
7    2a00:1450:400e:800::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.171.59.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-59-225.compute-1.amazonaws.com
events.split.io
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.32.121.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-116.fra60.r.cloudfront.net
cdn.heapanalytics.com
1    18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net
static.hotjar.com
4    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    151.101.67.9 (United States)

ASN54113 (FASTLY, US)
sdk.split.io
2    52.72.213.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-213-233.compute-1.amazonaws.com
auth.split.io
1    52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net
script.hotjar.com
3    34.206.210.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-210-180.compute-1.amazonaws.com
heapanalytics.com
1    108.157.4.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-7.dus51.r.cloudfront.net
vars.hotjar.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2606:4700::6812:da5 (United States)

ASN13335 (CLOUDFLARENET, US)
videos-cloudflare.jwpsrv.com
Apex Domain
Subdomains		 Transfer
9 mybooster.com
mybooster.com — Cisco Umbrella Rank: 288545
315 KB
8 split.io
cdn.split.io — Cisco Umbrella Rank: 16064
events.split.io — Cisco Umbrella Rank: 4106
sdk.split.io — Cisco Umbrella Rank: 2984
auth.split.io — Cisco Umbrella Rank: 3845
10 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
55 KB
7 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 3014
44 KB
6 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 2922
videos-cloudflare.jwpsrv.com — Cisco Umbrella Rank: 10311
350 KB
5 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2468
243 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
43 KB
4 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 3026
heapanalytics.com — Cisco Umbrella Rank: 2637
46 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 574
script.hotjar.com — Cisco Umbrella Rank: 726
vars.hotjar.com — Cisco Umbrella Rank: 809
65 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 747
138 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
83 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 amazonaws.com
funrun-prod.s3.amazonaws.com — Cisco Umbrella Rank: 568276
272 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
79 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 2733
40 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6342
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
440 B
68 19
Domain Requested by
9 mybooster.com 2 redirects mybooster.com
cdn.split.io
7 www.google-analytics.com mybooster.com
www.google-analytics.com
cdn.split.io
7 content.jwplatform.com 3 redirects mybooster.com
content.jwplatform.com
ssl.p.jwpcdn.com
5 ssl.p.jwpcdn.com content.jwplatform.com
4 sdk.split.io cdn.split.io
3 videos-cloudflare.jwpsrv.com ssl.p.jwpcdn.com
3 www.gstatic.com content.jwplatform.com
www.gstatic.com
3 heapanalytics.com mybooster.com
3 assets-jpcust.jwpsrv.com mybooster.com
2 static.xx.fbcdn.net www.facebook.com
2 www.facebook.com cdn.split.io
connect.facebook.net
2 auth.split.io cdn.split.io
2 connect.facebook.net mybooster.com
connect.facebook.net
2 fonts.googleapis.com mybooster.com
2 funrun-prod.s3.amazonaws.com mybooster.com
2 www.googletagmanager.com mybooster.com
1 prd.jwpltx.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net cdn.split.io
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.hotjar.com mybooster.com
1 cdn.heapanalytics.com mybooster.com
1 events.split.io cdn.split.io
1 cdn.split.io mybooster.com
68 27
Subject Issuer Validity Valid
*.mybooster.com
Amazon		 2021-04-01 -
2022-04-30		 a year crt.sh
*.split.io
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-12-13 -
2022-12-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
cdn.heapanalytics.com
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-25 -
2022-02-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
heapanalytics.com
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-20 -
2022-05-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
videos-cloudflare.jwpsrv.com
Cloudflare Inc ECC CA-3		 2021-06-10 -
2022-06-09		 a year crt.sh

This page contains 5 frames:

Primary Page: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Frame ID: 9A98C2808C17E8298D8C39D6228D122C
Requests: 40 HTTP requests in this frame

Frame: https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
Frame ID: B9901EB5CEE69AE5549FD6D67A770385
Requests: 1 HTTP requests in this frame

Frame: https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
Frame ID: 92669F4516EEB1A573B0FBE303496A99
Requests: 19 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 330437B2FDB14B7F3A988921C8A5CF0C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=1056623917722217&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df40e27bdc62094%26domain%3Dmybooster.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmybooster.com%252Ff3ec453968b7554%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2FBoosterthon&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Frame ID: AFD0C98C152EF10F0A0E43CA6B653855
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Armstrong Elementary Dance Fit

Page URL History Show full URLs

  1. https://mybooster.com/a/s/jIDnj-Nm/ HTTP 302
    https://mybooster.com/v3/dash/jIDnj-Nm HTTP 302
    https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

68
Requests

90 %
HTTPS

54 %
IPv6

19
Domains

27
Subdomains

25
IPs

4
Countries

1759 kB
Transfer

4361 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mybooster.com/a/s/jIDnj-Nm/ HTTP 302
    https://mybooster.com/v3/dash/jIDnj-Nm HTTP 302
    https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://content.jwplatform.com/thumbs/2Zc8QBmJ-320.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/92obvjic-320.jpg
Request Chain 50
  • https://content.jwplatform.com/strips/2Zc8QBmJ-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/2Zc8QBmJ-120.vtt
Request Chain 54
  • https://content.jwplatform.com/v2/media/2Zc8QBmJ/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/92obvjic-720.jpg

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request jIDnj-Nm
mybooster.com/v3/dash/
Redirect Chain
  • https://mybooster.com/a/s/jIDnj-Nm/
  • https://mybooster.com/v3/dash/jIDnj-Nm
  • https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
70 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.171.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-171-19.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
4c5db639ccd0ab54a88f7780c1d4216a2e32ef09a1e3b2f11fa42a0f7527ea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 16 Feb 2022 02:32:34 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.21.6
vary
Accept-Encoding
cache-control
no-cache, private
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip

Redirect headers

date
Wed, 16 Feb 2022 02:32:33 GMT
content-type
text/html; charset=UTF-8
location
https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
server
nginx/1.21.6
cache-control
no-cache, private
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum-agent-0.2.1.min.js
cdn.split.io/rum-agent/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.split.io/rum-agent/rum-agent-0.2.1.min.js
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
176456b092cd1d5d4f005291a165ced9629dc6513d8df0485069d8d8de19c140

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:34 GMT
content-encoding
gzip
age
989475
via
1.1 varnish
x-cache
HIT
fastly-restarts
1
x-amz-id-2
zB6CjNwvdUKebL3hAF1fK3XyTNpcN8yWUAme5U5oYgaPX5sVcAfR/LTXURhx3PSzkFLwIRdziCQ=
x-served-by
cache-hhn4083-HHN
accept-ranges
bytes
last-modified
Fri, 09 Aug 2019 20:02:25 GMT
server
AmazonS3
x-timer
S1644978755.671826,VS0,VE0
etag
"b04fe930021a34c69d19067ea7689df6"
vary
Accept-Encoding
x-amz-request-id
QMSXMF59HZ31G1G5
access-control-allow-origin
*
cache-control
max-age=31536000, public
content-length
3450
content-type
application/javascript
x-cache-hits
82
app.css
mybooster.com/v3-assets/public/css/ 		195 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mybooster.com/v3-assets/public/css/app.css?id=21adbd1b93dd5a809fa5
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.171.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-171-19.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
0d672fd24a23248ebd323d33ca77ae1ab562e320f3c7d3ba61103d38012b2ecf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Feb 2022 18:16:23 GMT
server
nginx/1.21.6
etag
W/"61fd6d77-30d1c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
Wed, 02 Mar 2022 02:32:34 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-18391724-4
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d9b77f6b3196afd417391d6f3776960dd37db05d691c4eb73b5b1c076968229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36112
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:57:59 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 02:32:34 GMT
5c6479a718f3cd758ca5771ad629c628.png
funrun-prod.s3.amazonaws.com/program_logos/ 		228 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funrun-prod.s3.amazonaws.com/program_logos/5c6479a718f3cd758ca5771ad629c628.png
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.133.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b2afb3001eea0048c361f04782638dbf9e391773be594edcd6f3f0f13098f32e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 02:32:36 GMT
Last-Modified
Wed, 05 Jan 2022 19:27:32 GMT
Server
AmazonS3
x-amz-request-id
WN60YMWYQ2DCV5AS
ETag
"cb85c7e0b969e3c920c73500cb17535f"
x-amz-version-id
x5oTknpuabjaVx13tkSn6VpAfbf8OsNC
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
binary/octet-stream
Content-Length
233887
x-amz-id-2
YqZ6UwgHZOmRXHkm0OozUTw4SBkfSWaO0+J3b6umEgoe2Htj0DpvP1YoT/9sWSBsfBJdETYGZok=
22897396_1644502128.jpg
funrun-prod.s3.amazonaws.com/user_profile_images/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funrun-prod.s3.amazonaws.com/user_profile_images/22897396_1644502128.jpg
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.133.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
bb2db3951db9f6347a72eaff1a8c564baf4f6876d6699bc56d5df96ec2bbe662

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 02:32:36 GMT
Last-Modified
Thu, 10 Feb 2022 14:08:49 GMT
Server
AmazonS3
x-amz-request-id
WN61XGGJQN200527
ETag
"56492683a245b7b501f954f6a9fa9c20"
x-amz-version-id
8Sy78jd6u2C7LBMDu.CQldqXzQsg0ijv
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
43648
x-amz-id-2
VuksUMqBs2X/bwIm5VBequU8WZcMjB/q4J1eEjZk5a24FCp8dJCa7vBom4I0o99VdlbP3ioiZoM=
92obvjic-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://content.jwplatform.com/thumbs/2Zc8QBmJ-320.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/92obvjic-320.jpg
33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/92obvjic-320.jpg
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d581639c3efe2314fc804f8b2d5e2bc95ada3b486f4da4b4a5661c458cbb4206

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
content-encoding
gzip
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS
content-length
33387
x-served-by
cache-iad-kiad7000171-IAD, cache-hhn4059-HHN
access-control-allow-origin
*
last-modified
Fri, 11 Feb 2022 02:00:27 GMT
server
nginx
x-timer
S1644978755.225995,VS0,VE155
etag
"e4171dade0f58c9579d299257c5c21cb"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
0, 0

Redirect headers

date
Wed, 16 Feb 2022 02:32:35 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
location
https://assets-jpcust.jwpsrv.com/thumbnails/92obvjic-320.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
rNMBNV4Vhgf1dUnapIz_i7mLZGdRC5fLiwk0-l7Jh4bUc_-QsPZ9ZA==
app.js
mybooster.com/v3-assets/public/js/ 		584 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybooster.com/v3-assets/public/js/app.js?id=fd5a71dd0bc8035e564d
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.171.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-171-19.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
bc77f593a9905244fe035916bcb8f189dcf357eba369645edbc08d5e54e71481
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Feb 2022 18:16:22 GMT
server
nginx/1.21.6
etag
W/"61fd6d76-91e2c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1209600
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
Wed, 02 Mar 2022 02:32:34 GMT
gtm.js
www.googletagmanager.com/ 		119 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K6MGXPQ
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9d11cb857627083b322bf5cdc1bd49888220a990172060d6e7d2a359d563efa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43939
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:57:59 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 02:32:34 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2023
date
Wed, 16 Feb 2022 01:58:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 16 Feb 2022 03:58:52 GMT
beacon
events.split.io/api/events/ 		0
303 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.split.io/api/events/beacon
Requested by
Host: cdn.split.io
URL: https://cdn.split.io/rum-agent/rum-agent-0.2.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.59.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-59-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mybooster.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 02:32:34 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://mybooster.com
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
access-control-allow-credentials
true
strict-transport-security
max-age=15770000; includeSubDomains
vary
Origin
x-xss-protection
1; mode=block
x-request-id
22avqix8vti
css
fonts.googleapis.com/ 		2 KB
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/css/app.css?id=21adbd1b93dd5a809fa5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e6ca8458e665dbb0c6ef4974ee969c1a854bbc5c0f2a66edeebf68b806f3a0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:56:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 02:32:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 02:32:34 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,600
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/css/app.css?id=21adbd1b93dd5a809fa5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c679492caf13cd4940c5f93844f65b1317b16ec768b363a8b177f9e6d8b5b81f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:51:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 02:32:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 02:32:34 GMT
heap-1943480710.js
cdn.heapanalytics.com/js/ 		120 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-1943480710.js
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-116.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e287557427be813737c082e6f853e5abe5d9ecffac84a7d89219079975a8ca8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:30:48 GMT
content-encoding
gzip
server
nginx
age
107
etag
W/"1e027-DA3FE1gAk74Bd33+U0KTxQ"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA60-P1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
28iOpFLBnGEHO0ShPrtkrN86ep5zKTxfmIcvoJ0T0ZOEU6sON3haQw==
hotjar-640032.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-640032.js?sv=6
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
73ab66b3bba5cc0179a73a0d0f21a762edc3d7b541fea72517d61b02c9cb08aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
36
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1932
access-control-allow-origin
*
x-cache-hit
1
etag
W/41c3d229b741e1ad22dcef13ccb1d379
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
MXo9eIYqrA2acIjIOiaWAun6cx5pLP5UfNX5GPIBKhNIxLGqOOSWjw==
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e8a5a6c756fc393f489775f4a4a35a17bb194541f665d60e7b8e6aabec347a6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
UN2cf3qr68IAVX1aWgXb/A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 16 Feb 2022 02:39:52 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
fvWG6dU29GYXI23itY1J6PS7pQXoldIXAFNyYiikJ5zYpBbRcf4lrX1zQlPIm/w1Wp4WwsIyUI7gFF5d6PTmCQ==
x-fb-trip-id
917726464
x-fb-content-md5
503253ffda86640a1aa1f3836e44650c
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 16 Feb 2022 02:32:34 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"7b9bca747cc9e2a118b0024a95f37db5"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
2Zc8QBmJ-JcxcCN5H.html
content.jwplatform.com/players/ Frame B990 		0
0
left-chevron.svg
mybooster.com/v3-assets/public/images/ 		1 KB
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mybooster.com/v3-assets/public/images/left-chevron.svg
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/css/app.css?id=21adbd1b93dd5a809fa5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.171.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-171-19.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
f0180347aaa59315dbec8ed6f465ffe2843a4df4bb6e49a7748604cf5f2ecf4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/v3-assets/public/css/app.css?id=21adbd1b93dd5a809fa5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Feb 2022 18:14:59 GMT
server
nginx/1.21.6
etag
W/"61fd6d23-430"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
Wed, 02 Mar 2022 02:32:35 GMT
right-chevron.svg
mybooster.com/v3-assets/public/images/ 		1 KB
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mybooster.com/v3-assets/public/images/right-chevron.svg
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/css/app.css?id=21adbd1b93dd5a809fa5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.171.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-171-19.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
c184d109e21a7d81a00b6196811413901f9c3dd66e6dc5a52deb53c725e3bfea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/v3-assets/public/css/app.css?id=21adbd1b93dd5a809fa5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Feb 2022 18:14:59 GMT
server
nginx/1.21.6
etag
W/"61fd6d23-42d"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
Wed, 02 Mar 2022 02:32:35 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mybooster.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 14:56:27 GMT
x-content-type-options
nosniff
age
560168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 14:56:27 GMT
fontawesome-webfont.woff2
mybooster.com/v3-assets/public/fonts/vendor/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mybooster.com/v3-assets/public/fonts/vendor/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/css/app.css?id=21adbd1b93dd5a809fa5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.171.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-171-19.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mybooster.com/v3-assets/public/css/app.css?id=21adbd1b93dd5a809fa5
Origin
https://mybooster.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Feb 2022 18:14:59 GMT
server
nginx/1.21.6
etag
"61fd6d23-12d68"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
font/woff2
cache-control
max-age=1209600
accept-ranges
bytes
content-length
77160
x-xss-protection
1; mode=block
expires
Wed, 02 Mar 2022 02:32:35 GMT
e751692e-1d7c-4318-a522-fb9d51a179a7
sdk.split.io/api/mySegments/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/e751692e-1d7c-4318-a522-fb9d51a179a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Origin
https://mybooster.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Varnish
retry-after
0
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age
7200
accept-ranges
bytes
date
Wed, 16 Feb 2022 02:32:35 GMT
via
1.1 varnish
x-served-by
cache-hhn4046-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1644978755.159501,VS0,VE0
vary
Cookie
access-control-allow-origin
https://mybooster.com
content-length
37
e751692e-1d7c-4318-a522-fb9d51a179a7
sdk.split.io/api/mySegments/ 		17 B
267 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/e751692e-1d7c-4318-a522-fb9d51a179a7
Requested by
Host: cdn.split.io
URL: https://cdn.split.io/rum-agent/rum-agent-0.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://mybooster.com/
Authorization
Bearer 9qtq8gvmb8dnha0ecdhf853cdociul8hdse9
Accept-Language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.16.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
via
1.1 varnish, 1.1 varnish
etag
"1000002--gzip"
age
0
x-cache
MISS, MISS
content-encoding
gzip
content-length
37
x-request-id
22b1qw7gkpf
x-served-by
cache-iad-kjyo7100103-IAD, cache-hhn4046-HHN
x-timer
S1644978755.167017,VS0,VE95
date
Wed, 16 Feb 2022 02:32:35 GMT
vary
Origin, Accept-Encoding, Cookie
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kjyo7100103-IAD-2cf6e61e-76d5-42c8-b4b3-2b8a7566eb58; cache-hhn4046-HHN-535d8a80-7b68-4ee2-be9d-4bb5740c2446
accept-ranges
bytes
x-cache-hits
0, 0
2Zc8QBmJ-JcxcCN5H.html
content.jwplatform.com/players/ Frame 9266 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/js/app.js?id=fd5a71dd0bc8035e564d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
60b8295a4ff112d8ccb06428a0faa56cbea24ef1d631718911434311b15de90b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/

Response headers

content-type
text/html; charset=utf-8
content-length
1465
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 16 Feb 2022 02:32:35 GMT
server
openresty
x-cache
Hit from cloudfront
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
IMycdeejDlrc2uibqV1gnKNLhvVCIEEMwUqpg4gGCxVs6w_f6hWWAw==
splitChanges
sdk.split.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Origin
https://mybooster.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Varnish
retry-after
0
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age
7200
accept-ranges
bytes
date
Wed, 16 Feb 2022 02:32:35 GMT
via
1.1 varnish
x-served-by
cache-hhn4046-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1644978755.175314,VS0,VE0
vary
Cookie
access-control-allow-origin
https://mybooster.com
content-length
37
splitChanges
sdk.split.io/api/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Requested by
Host: cdn.split.io
URL: https://cdn.split.io/rum-agent/rum-agent-0.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b04a0a72f9ba0cee70cbdba99f9ac45a80d260618a778701b079681f01992e9
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://mybooster.com/
Authorization
Bearer 9qtq8gvmb8dnha0ecdhf853cdociul8hdse9
Accept-Language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.16.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
content-encoding
gzip
etag
"-723423789--gzip"
age
11963
x-cache
HIT, HIT
content-length
4611
via
1.1 varnish, 1.1 varnish
x-request-id
22aumh1vguo
x-served-by
cache-iad-kjyo7100173-IAD, cache-hhn4046-HHN
last-modified
Thu, 13 Jan 2022 14:28:25 GMT
x-timer
S1644978755.183226,VS0,VE0
date
Wed, 16 Feb 2022 02:32:35 GMT
vary
Origin, Accept-Encoding, Cookie
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kjyo7100173-IAD-48de3cdd-1d42-40d8-ba3d-f01d6cd4e919; cache-hhn4055-HHN-809542bd-4e55-41cd-8cda-2382a81485a8
accept-ranges
bytes
x-cache-hits
13, 3
auth
auth.split.io/api/v2/ 		664 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.split.io/api/v2/auth?users=e751692e-1d7c-4318-a522-fb9d51a179a7
Requested by
Host: cdn.split.io
URL: https://cdn.split.io/rum-agent/rum-agent-0.2.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.213.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-213-233.compute-1.amazonaws.com
Software
/
Resource Hash
ba90601566675534a8efef821728f11409d22756130693619771cb9eeb7e333b
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://mybooster.com/
Authorization
Bearer 9qtq8gvmb8dnha0ecdhf853cdociul8hdse9
Accept-Language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.16.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
strict-transport-security
max-age=15770000; includeSubdomains
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mybooster.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
content-length
664
auth
auth.split.io/api/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.split.io/api/v2/auth?users=e751692e-1d7c-4318-a522-fb9d51a179a7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.213.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-213-233.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Origin
https://mybooster.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
content-type
application/json; charset=utf-8
content-length
4
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://mybooster.com
strict-transport-security
max-age=15770000; includeSubdomains
modules.855de5fca5328f4d913a.js
script.hotjar.com/ 		235 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.855de5fca5328f4d913a.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-640032.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-43.fra56.r.cloudfront.net
Software
/
Resource Hash
23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 17:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
465149
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62578
access-control-allow-origin
*
last-modified
Thu, 10 Feb 2022 17:19:42 GMT
etag
"6f96b4466f1ad2a1f9575d6ac84a137f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
dOgBKvF9sfBR6WIuSF2vAfuskhFJUmK-zhKmbSdT-nAHyey3jFWR-A==
all.js
connect.facebook.net/en_US/ 		285 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=07a9b83be6a74486a670090c3eba7954
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9cee604111319ff2ecbf101a286b002f021b2d553fe1e8048dd570ef25eeb2ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://mybooster.com/
Origin
https://mybooster.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tMlbksiGpMeHHcuQQE3yVg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 15 Feb 2023 21:22:13 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82117
x-fb-rlafr
0
x-fb-debug
bgFa1q9Ou43ejl7pyamFITLwaE231j0gJ10Qjs1WLZxLUuJFoKMCNNxXBV93VMh9iFcsRyO1rxr35cVc+2vIUA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
3f4b9f826d225164a015686e82293b16
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 02:32:35 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"693086efcbe303b937c51cd8f59fc430"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
js
www.google-analytics.com/gtm/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5NBXL2R&t=gtag_UA_18391724_4&cid=770695009.1644978755
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c0ebdd66b09f4789b3f427d19020a726ac4be7cc2e0c2d1baf11913a302109a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35903
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:57:59 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 02:32:35 GMT
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1943480710&u=4154484892297322&v=8437069606136127&s=554680969422384&b=web&tv=4.0&z=0&h=%2Fv3%2Fdash%2FjIDnj-Nm&q=%3Futm_source%3Deedayafter%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask&d=mybooster.com&t=Armstrong%20Elementary%20Dance%20Fit&us=eedayafter&um=email&uc=ssvideo&ua=sponsorpledgeask&k=Program%20Name&k=Armstrong%20Elementary%20Dance%20Fit&k=Video%20Title&k=Benjamin%27s%20Video&k=Event%20Date%20-%20String&k=Event%20Date%3A%2002%2F11%2F2022&k=Total%20Raised%20to%20Goal%20-%20String&k=%2413.17%20per%20minute%20danced&k=Participant%20User%20ID&k=22897396&k=Screen%20Dimensions&k=1600%20x%201200&ts=1644978755248&st=1644978755249
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.210.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-210-180.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:32:35 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 3304 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-640032.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-7.dus51.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/

Response headers

content-type
text/html
content-length
1044
date
Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
iQpXGsYDhNDLIlXkDtUwtfkHDm6pUabZ135PcQax7DyEVoQRzXw8SA==
age
1014029
experiment
mybooster.com/v3/api/ 		462 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mybooster.com/v3/api/experiment
Requested by
Host: cdn.split.io
URL: https://cdn.split.io/rum-agent/rum-agent-0.2.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.171.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-171-19.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
19b4c0e48cd68cfc64bd87ecbd811d96ac3dddbfe69cae2287e19a53f99090bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-XSRF-TOKEN
eyJpdiI6Impmd3N2dnQ0dHNRTXJaamJ1U2c0cnc9PSIsInZhbHVlIjoiR0dTVzFBQVl0dEE1NnFQdm1US1NrYmFLNjc5bHk2UUtnRGRWYjhmRnVLUzBOaG1TS1dwY2lJNjhORFNXM2tQWEpqcll2UnhOQ3g4YWhkMjFXWGFOZXZ5OHF3S0huanIvYkZiSlRVaDhKWEx6cGEwODA1cVFtbC9wZjF1dTJEZHEiLCJtYWMiOiJiYWIyMjBkYmI0MWI5NzQzOTVlOGZjOGNiNWU4MDU5ODA0NzYwM2M2OGJiMmViMTlkNzQ0YzU4ZGNkNzBjNDAxIiwidGFnIjoiIn0=
X-CSRF-TOKEN
iKMlCuWpwziEiYPBk1BcDiQEqvD5YjEHLW97l3Lf
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
X-Requested-With
XMLHttpRequest

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.21.6
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
no-cache, private
vary
Accept-Encoding
x-xss-protection
1; mode=block
telemetry
heapanalytics.com/api/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=1943480710&te=type&te=data&te=cm&te=addUserProperties%20-%20no%20valid%20props&st=1644978755258&hv=4.17.0
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.210.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-210-180.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:32:35 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=1056623917722217&input_token&origin=1&redirect_uri=https%3A%2F%2Fmybooster.com%2Fv3%2Fdash%2FjIDnj-Nm%3Futm_source%3Deedayafter%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask&sdk=joey&wants_cookie_data=true
Requested by
Host: cdn.split.io
URL: https://cdn.split.io/rum-agent/rum-agent-0.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
jShKZfBGsfKc/XeZV1tsO3Ogbcjus5lES0ZHFQDWEHKesIvSUj7mB5T0e6BloRrqlGVTnbYDl8yDPTqgaA8Cdg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Wed, 16 Feb 2022 02:32:35 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mybooster.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
2Zc8QBmJ-JcxcCN5H.js
content.jwplatform.com/players/ Frame 9266 		112 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.js?rel=0&amp;wmode=transparent&amp;showinfo=0
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a723d0f43fd09a07247f03f1f776d2833f10c6b035ac3e448ef49dfff6d50e76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
content-length
40394
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-id
bgBKqinSQOoUsdGlh556ax-ZynBopayYw2phdEq6Jj1tDzl7iE0DzA==
expires
Wed, 16 Feb 2022 02:35:05 GMT
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.24.3/ Frame 9266 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/jwpsrv.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.js?rel=0&amp;wmode=transparent&amp;showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aefe09194c600df28a1d55fd7148031678d5d7a19d337d532cb4efcecff81869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
content-encoding
gzip
age
238
x-cache
HIT
content-length
18658
via
1.1 varnish
x-served-by
cache-hhn4059-HHN
last-modified
Wed, 02 Feb 2022 23:47:03 GMT
server
AmazonS3
x-timer
S1644978756.591435,VS0,VE0
etag
"f50a9a91be4569c9271626978d999b7a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
130
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.24.3/ Frame 9266 		309 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/jwplayer.core.controls.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.js?rel=0&amp;wmode=transparent&amp;showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cf7b01e9bad3d3a9da846f6be9bde1e9e50625bc4c0c19ef3f2cc52ab0278b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
content-encoding
gzip
age
1075233
x-cache
HIT
content-length
81490
via
1.1 varnish
x-served-by
cache-hhn4059-HHN
last-modified
Wed, 02 Feb 2022 23:46:53 GMT
server
AmazonS3
x-timer
S1644978756.591530,VS0,VE0
etag
"a99512d5317fbe4cd7b8949ad229be5a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
638824
2Zc8QBmJ
content.jwplatform.com/v2/media/ Frame 9266 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/v2/media/2Zc8QBmJ?recommendations_playlist_id=9x56mHvt
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.js?rel=0&amp;wmode=transparent&amp;showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
c2765958da9b8e78abf7cb4db8259a58057c71bbcbea2d394096b143121f3fdd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
content-length
707
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-id
jVd7ftfDJ9V1JPhQzRStcgELNHzDAbz2FyxHKlca4IGleHMDsXEMCg==
expires
Wed, 16 Feb 2022 02:35:35
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1067982591&t=event&_s=1&dl=https%3A%2F%2Fmybooster.com%2Fv3%2Fdash%2FjIDnj-Nm%3Futm_source%3Deedayafter%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask&ul=en-us&de=UTF-8&dt=Armstrong%20Elementary%20Dance%20Fit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Pledge%20Button&ea=Text%3A%20Donate%20Now%20(Treatment%20Enabled)&el=1&_u=aGhAAUADQAAAAC~&jid=469870815&gjid=1291184529&cid=770695009.1644978755&tid=UA-18391724-4&_gid=2104663804.1644978755&_r=1&_slc=1&z=2008375950
Requested by
Host: cdn.split.io
URL: https://cdn.split.io/rum-agent/rum-agent-0.2.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mybooster.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:32:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mybooster.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1067982591&t=event&_s=2&dl=https%3A%2F%2Fmybooster.com%2Fv3%2Fdash%2FjIDnj-Nm%3Futm_source%3Deedayafter%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask&ul=en-us&de=UTF-8&dt=Armstrong%20Elementary%20Dance%20Fit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Pledge%20Button&ea=Text%3A%20Donate%20Now%20(Treatment%20Enabled)&el=1&_u=aGhAAUADQAAAAC~&jid=&gjid=&cid=770695009.1644978755&tid=UA-18391724-4&_gid=2104663804.1644978755&z=1009534871
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 22:02:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16221
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1067982591&t=event&_s=3&dl=https%3A%2F%2Fmybooster.com%2Fv3%2Fdash%2FjIDnj-Nm%3Futm_source%3Deedayafter%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask&ul=en-us&de=UTF-8&dt=Armstrong%20Elementary%20Dance%20Fit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Pledge%20Button&ea=Text%3A%20Donate%20Now%20(Treatment%20Enabled)&el=1&_u=aGhAAUADQAAAAC~&jid=&gjid=&cid=770695009.1644978755&tid=UA-18391724-4&_gid=2104663804.1644978755&z=2141337268
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/jIDnj-Nm?utm_source=eedayafter&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 22:02:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16221
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-18391724-4&cid=770695009.1644978755&jid=469870815&gjid=1291184529&_gid=2104663804.1644978755&_u=aGhAAUACQAAAAC~&z=705809141
Requested by
Host: cdn.split.io
URL: https://cdn.split.io/rum-agent/rum-agent-0.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mybooster.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 16 Feb 2022 02:32:35 GMT
content-type
text/plain
access-control-allow-origin
https://mybooster.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
like.php
www.facebook.com/plugins/ Frame AFD0 		48 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=1056623917722217&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df40e27bdc62094%26domain%3Dmybooster.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmybooster.com%252Ff3ec453968b7554%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2FBoosterthon&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=07a9b83be6a74486a670090c3eba7954
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2bec69cd223b45525d00a1de6ca5a94eeb0236633d8c5e9de09b333b43b30062
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
/0Vn5bOz/+dVg+ghvA9qy5XQ5jldmyhFZZ+WrwgwHgM41NhMUf9Tim1R0RglKzM2xMqxhTEYsrTYvSN9Xv7dkQ==
date
Wed, 16 Feb 2022 02:32:35 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-18391724-4&cid=770695009.1644978755&jid=469870815&_u=aGhAAUACQAAAAC~&z=533446642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:32:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-18391724-4&cid=770695009.1644978755&jid=469870815&_u=aGhAAUACQAAAAC~&z=533446642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:32:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
telemetry
heapanalytics.com/api/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=1943480710&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=16&st=1644978755259&hv=4.17.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.210.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-210-180.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 02:32:35 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame AFD0 		400 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=1056623917722217&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df40e27bdc62094%26domain%3Dmybooster.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmybooster.com%252Ff3ec453968b7554%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2FBoosterthon&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
x-content-type-options
nosniff
content-md5
uF0RL4E+h23ClLQmPOTTMw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
400
x-fb-rlafr
0
x-fb-debug
hrmzlvzycwarQVAMLKQhkjId8DF5clotYM77HZeuLsQwmA4Z9Dzpg8zDGi4WDQjIlmBfrzSB9TgfxZcVVFas4g==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 08 Feb 2023 00:25:53 GMT
UZ7k9A2O053.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yP/l/en_US/ Frame AFD0 		520 KB
136 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yP/l/en_US/UZ7k9A2O053.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=1056623917722217&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df40e27bdc62094%26domain%3Dmybooster.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmybooster.com%252Ff3ec453968b7554%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2FBoosterthon&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d76b75a95e883b681546dc20f0675407bae83841f32527609d8940a7e8cf823
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5+ODeJFDMh8f0lJmRYCcKA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
139011
x-fb-rlafr
0
x-fb-debug
d6bWzLZ5Pm5Bnt/Yo/17F5glW6G+Eq+Hj6nQERhtDo33rUKbjpVvivoq7QlJQ8BGTx2cB16IdZ/qbwcx2G2nyA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Feb 2023 19:59:24 GMT
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.24.3/ Frame 9266 		387 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/provider.hlsjs.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.js?rel=0&amp;wmode=transparent&amp;showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bfe57a23d8ef229c88a3d24babf237122d897f8f6f43e69c6cc4ebe14896687

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:36 GMT
content-encoding
gzip
age
1075281
x-cache
HIT
content-length
113210
via
1.1 varnish
x-served-by
cache-hhn4059-HHN
last-modified
Wed, 02 Feb 2022 23:46:58 GMT
server
AmazonS3
x-timer
S1644978756.026478,VS0,VE0
etag
"ba7d083531c284e20d19b93345e56932"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
553775
2Zc8QBmJ-120.vtt
assets-jpcust.jwpsrv.com/strips/ Frame 9266
Redirect Chain
  • https://content.jwplatform.com/strips/2Zc8QBmJ-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/2Zc8QBmJ-120.vtt
4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/2Zc8QBmJ-120.vtt
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
37618c711df22e3cc165a9a440b6943740396a0612fcf0dafdeec4fde5618e0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:36 GMT
content-encoding
gzip
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS
access-control-max-age
180
content-length
588
x-served-by
cache-iad-kcgs7200081-IAD, cache-hhn4037-HHN
access-control-allow-origin
*
last-modified
Fri, 11 Feb 2022 01:59:00 GMT
server
nginx
x-timer
S1644978756.208150,VS0,VE128
etag
"0ad335aa89fd3201f20bddf2286c57aa"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
0, 0

Redirect headers

date
Wed, 16 Feb 2022 02:32:36 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
location
https://assets-jpcust.jwpsrv.com/strips/2Zc8QBmJ-120.vtt
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
*
content-length
166
x-amz-cf-id
4cGdgbcp9V1rRmfbwT3xPgwkFkgTERdK1SabRJYPOmiPaC07igg6iQ==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.24.3/ Frame 9266 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/provider.cast.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.js?rel=0&amp;wmode=transparent&amp;showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cd7eab92dcc04e7057d83a115c54de3d28e12634131e390fc005a06a2071a53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:36 GMT
content-encoding
gzip
age
1075279
x-cache
HIT
content-length
9002
via
1.1 varnish
x-served-by
cache-hhn4059-HHN
last-modified
Wed, 02 Feb 2022 23:46:58 GMT
server
AmazonS3
x-timer
S1644978756.096941,VS0,VE0
etag
"b3fd54f5e5702e3206bb36d2483ea577"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
307196
related.js
ssl.p.jwpcdn.com/player/v/8.24.3/ Frame 9266 		109 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.24.3/related.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.js?rel=0&amp;wmode=transparent&amp;showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb5e2ea41114aac7cc85db465754f2f71644dc601ff16689ac1c3afbddc66138

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:36 GMT
content-encoding
gzip
age
1075280
x-cache
HIT
content-length
25207
via
1.1 varnish
x-served-by
cache-hhn4059-HHN
last-modified
Wed, 02 Feb 2022 23:47:01 GMT
server
AmazonS3
x-timer
S1644978756.097150,VS0,VE0
etag
"3244e814aba5e28b2d0b25b5fa10fbcf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
435021
2Zc8QBmJ.m3u8
content.jwplatform.com/manifests/ Frame 9266 		1 KB
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/manifests/2Zc8QBmJ.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.3/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
9ab609565ae9e74c14ab7cee7fecb71d8630c1d220718912947bba25575411fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:36 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, max-stale=180
content-length
437
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-id
Sj32FfIBgrxn5jfYIpBaJi9SBQkTDZub9m1JgQe78Hs-IqPrnqZK7g==
expires
Wed, 16 Feb 2022 02:42:36 GMT
92obvjic-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/ Frame 9266
Redirect Chain
  • https://content.jwplatform.com/v2/media/2Zc8QBmJ/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/92obvjic-720.jpg
109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/92obvjic-720.jpg
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6360a0845402fb69aa28d9ab020d07b68e68ab953bb589ca103a72581553580a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:36 GMT
content-encoding
gzip
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS
content-length
111084
x-served-by
cache-iad-kcgs7200085-IAD, cache-hhn4059-HHN
access-control-allow-origin
*
last-modified
Fri, 11 Feb 2022 02:00:28 GMT
server
nginx
x-timer
S1644978756.219237,VS0,VE213
etag
"58abdb8c7e433ebb6e196d12f42d51ec"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
0, 0

Redirect headers

date
Wed, 16 Feb 2022 02:32:36 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
location
https://assets-jpcust.jwpsrv.com/thumbnails/92obvjic-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
O3gfvAAe7UJkjGt0yv1KST3p7EySkc7D66N93X6fzt4q0b34R--abQ==
ping.gif
prd.jwpltx.com/v1/jwplayer6/ Frame 9266 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=907892631&e=e&n=9080775830899066&aid=PiCMMH9uEeamsxKCk4Wcgw&amp=0&at=1&c=-1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=1abmebppg33h&i=1&id=2Zc8QBmJ&lid=5qpasdpn7rwn&lsa=set&mt=0&pbd=1&pbr=1&pgi=10y6meiolq2h&ph=3&pid=JcxcCN5H&pii=0&pl=387&plc=1&pli=lb094s1ycjix&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Benjamin%20Armstrong%20Elementary%20Dance%20Fit&pu=https%3A%2F%2Fmybooster.com%2F&pv=8.24.3&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Benjamin%20Armstrong%20Elementary%20Dance%20Fit&tv=3.38.0&vb=0&vi=0&vl=90&wd=688&ab=0&cae=0&cb=1&cdid=botr_2Zc8QBmJ_JcxcCN5H_div&cme=0&dd=0&flc=0&fv=&ga=0&mk=hls&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fmanifests%2F2Zc8QBmJ.m3u8&pbc=0&pd=2&plng=en-US&plt=100&pni=0&po=0&pogt=Benjamin%20Armstrong%20Elementary%20Dance%20Fit&sp=0&st=520&sa=1644978756095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:36 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-served-by
cache-hhn4059-HHN
x-cache
MISS
x-cache-hits
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 9266 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.js?rel=0&amp;wmode=transparent&amp;showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 02:32:36 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1067982591&t=event&_s=4&dl=https%3A%2F%2Fmybooster.com%2Fv3%2Fdash%2FjIDnj-Nm%3Futm_source%3Deedayafter%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask&ul=en-us&de=UTF-8&dt=Armstrong%20Elementary%20Dance%20Fit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Public%20Page&ea=Exit%20Modal&el=exit-modal-on&_u=aGhAAUADQAAAAC~&jid=&gjid=&cid=770695009.1644978755&tid=UA-18391724-4&_gid=2104663804.1644978755&z=931536751
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 22:02:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16222
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1067982591&t=event&_s=5&dl=https%3A%2F%2Fmybooster.com%2Fv3%2Fdash%2FjIDnj-Nm%3Futm_source%3Deedayafter%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask&ul=en-us&de=UTF-8&dt=Armstrong%20Elementary%20Dance%20Fit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Public%20Page&ea=Exit%20Modal%20Timer&el=exit-modal-off&_u=aGhAAUADQAAAAC~&jid=&gjid=&cid=770695009.1644978755&tid=UA-18391724-4&_gid=2104663804.1644978755&z=1882255007
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 22:02:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16222
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 9266 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12390
x-xss-protection
0
last-modified
Mon, 06 Jul 2020 23:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="chrome-dongle"
expires
Wed, 16 Feb 2022 02:32:36 GMT
cast_sender.js
www.gstatic.com/eureka/clank/98/ Frame 9266 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/98/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 12:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15480
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:03:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Wed, 16 Feb 2022 12:39:51 GMT
2Zc8QBmJ-27622234.mp4.m3u8
videos-cloudflare.jwpsrv.com/620d0b04_48e454623e88b7dc8cd6ff86aa3e44a55dcff490/content/conversions/oCniVb9Q/videos/ Frame 9266 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudflare.jwpsrv.com/620d0b04_48e454623e88b7dc8cd6ff86aa3e44a55dcff490/content/conversions/oCniVb9Q/videos/2Zc8QBmJ-27622234.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.3/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77d863204d1c073b66e4faf8093ea584d3ca27da037d118ecbdd0cede0db4e5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:36 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-backend
https://s3-external-1.amazonaws.com
x-cache
HIT, MISS
fastly-stats
otfp=1
x-served-by
cache-iad-kcgs7200041-IAD, cache-fra19158-FRA
server
cloudflare
x-timer
S1644978756.403932,VS0,VE89
etag
W/"w-f_JA0IeMQg4rRnYeopcKSNO88fOGsmZJf8q18v2wiARHBtJxqq_CNj532qBi7U0oYaHeHNJWzxUR5jcvBvkipoPw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
cf-ray
6de35dcb49f3020d-ZRH
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
1, 0
2Zc8QBmJ-27622234.mp4-1.ts
videos-cloudflare.jwpsrv.com/620d0b04_48e454623e88b7dc8cd6ff86aa3e44a55dcff490/content/conversions/oCniVb9Q/videos/ Frame 9266 		203 KB
204 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudflare.jwpsrv.com/620d0b04_48e454623e88b7dc8cd6ff86aa3e44a55dcff490/content/conversions/oCniVb9Q/videos/2Zc8QBmJ-27622234.mp4-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.3/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
392841e06028f734df3db10b41508241b207f2bc095a85fdbd0b63bf364b58d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:36 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-backend
https://s3-external-1.amazonaws.com
x-cache
HIT, MISS
fastly-stats
otfp=1
content-length
207928
x-served-by
cache-iad-kjyo7100148-IAD, cache-fra19145-FRA
x-fastly-otfp-info
ss=0.000 sl=4.000 vl=136.125 rs=320x180
server
cloudflare
x-timer
S1644978757.542781,VS0,VE99
etag
"H5jz1VLU8ibSQLd36BoOgV0irKHk1be8q0WX_aD5EJr42ruXdezjKvLC6TbyXEZu_jrr6ExFMk-qY1U0YNbB7sYQkA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp2t
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
6de35dcc3ad3020d-ZRH
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
1, 0
a2a236eb-1395-4b21-be93-26e0254da0db
https://content.jwplatform.com/ Frame 9266 		87 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://content.jwplatform.com/a2a236eb-1395-4b21-be93-26e0254da0db
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cd5d51c0d2dc754d6e756033204ff2e492c722eef0ba69624210a14ec94f5e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
88592
Content-Type
text/javascript
2Zc8QBmJ-27622236.mp4.m3u8
videos-cloudflare.jwpsrv.com/620d0b04_3e08a7a19114571cc7f891e7bb730990206e6910/content/conversions/oCniVb9Q/videos/ Frame 9266 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudflare.jwpsrv.com/620d0b04_3e08a7a19114571cc7f891e7bb730990206e6910/content/conversions/oCniVb9Q/videos/2Zc8QBmJ-27622236.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.24.3/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ff028713d969369e5c5ce7620e6a54a224b754f787a97a1ab789d9ed98ef64c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 02:32:36 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-backend
https://s3-external-1.amazonaws.com
x-cache
HIT, MISS
fastly-stats
otfp=1
x-served-by
cache-iad-kcgs7200106-IAD, cache-fra19125-FRA
server
cloudflare
x-timer
S1644978757.761620,VS0,VE88
etag
W/"veVzBlDNoV3bbe5paouUsx7Q6ye6pltJLwrI64BJoh2f_lBhKH64Ag9PJnWizlSqMqAwKIty5r4iVrmGX2NlBAcgyJgn"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
cf-ray
6de35dcdac20020d-ZRH
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
1, 0
bulk
events.split.io/api/testImpressions/ 		0
0
bulk
events.split.io/api/testImpressions/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
content.jwplatform.com
URL
https://content.jwplatform.com/players/2Zc8QBmJ-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
Domain
events.split.io
URL
https://events.split.io/api/testImpressions/bulk
Domain
events.split.io
URL
https://events.split.io/api/testImpressions/bulk

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| dataLayer object| __tti object| SPLIT_RUM string| GoogleAnalyticsObject function| ga object| heap function| gtag function| hj object| _hjSettings function| fbAsyncInit object| google_tag_manager object| google_tag_data object| webpackChunk function| _ object| regeneratorRuntime function| jQuery function| $ function| axios object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| FB object| gaplugins object| gaGlobal object| gaData object| gtmRegButton object| pubFBShareButton boolean| gtmPhoneChanged boolean| gtmMonthChanged boolean| gtmDayChanged boolean| gtmYearChanged object| gtmPhoneField object| gtmMonthField object| gtmDayField object| gtmYearField object| gtmPledgeNextStep object| gtmPledgeNext object| gtmPledgePay boolean| gtmSponsorTypeChanged boolean| gtmSponsorNameChanged boolean| gtmSponsorLastChanged boolean| gtmSponsorEmailChanged boolean| gtmSponsorStateChanged boolean| gtmSponsorCCChanged boolean| gtmSponsorCVVChanged object| gtmSponsorTypeField object| gtmSponsorNameField object| gtmSponsorLastField object| gtmSponsorEmailField object| gtmSponsorStateField object| gtmSponsorCCField object| gtmSponsorCVVField object| google_optimize

19 Cookies

Domain/Path Name / Value
mybooster.com/v3/dash Name: hide_cookie_policy
Value: hide
.mybooster.com/ Name: csrfer_ckie
Value: 0d2fdcd23655d76fa914cb41ad5e1151
.mybooster.com/ Name: ci_session
Value: 8dep0cjd4ivru55j6fgg7pvfan0dnjqn
.mybooster.com/ Name: ref_code
Value: 8c80e78fe3666dc0c0c4dd04157071cb680a78c6
.mybooster.com/ Name: anon_user_id
Value: e751692e-1d7c-4318-a522-fb9d51a179a7
.mybooster.com/ Name: _hp2_id.1943480710
Value: %7B%22userId%22%3A%224154484892297322%22%2C%22pageviewId%22%3A%228437069606136127%22%2C%22sessionId%22%3A%22554680969422384%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.mybooster.com/ Name: _hp2_props.1943480710
Value: %7B%22Public_Donate_Button_PPP%22%3A%7B%22treatment%22%3A%22on%22%2C%22config%22%3Anull%7D%2C%22F21_PPP_popup_modal%22%3A%7B%22treatment%22%3A%22off%22%2C%22config%22%3Anull%7D%2C%22f21_pledging_ticker%22%3A%7B%22treatment%22%3A%22off%22%2C%22config%22%3Anull%7D%2C%22Exit_Modal_PPP%22%3A%7B%22treatment%22%3A%22on%22%2C%22config%22%3Anull%7D%2C%22logging_titan_public_experiments%22%3A%7B%22treatment%22%3A%22on%22%2C%22config%22%3Anull%7D%2C%22anonCookieHash%22%3A%22e751692e-1d7c-4318-a522-fb9d51a179a7%22%2C%22splitKey%22%3A%22e751692e-1d7c-4318-a522-fb9d51a179a7%22%2C%22programSalesforceId%22%3A%22a4M4U000001pKbVUAU%22%2C%22schoolSalesforceId%22%3A%22001U000000B2WuwIAF%22%2C%22teamId%22%3A%221027%22%2C%22semester%22%3A%222022-1-Spring%22%2C%22serviceLevel%22%3A%22Support%20Service%22%2C%22evenOddParent%22%3A%22even%22%2C%22parentUserId%22%3A%2222897374%22%2C%22funRun%22%3A%222022-02-11%2000%3A00%3A00%22%2C%22programID%22%3A%2228748%22%7D
.mybooster.com/ Name: _ga
Value: GA1.2.770695009.1644978755
.mybooster.com/ Name: _gid
Value: GA1.2.2104663804.1644978755
.mybooster.com/ Name: _hjSessionUser_640032
Value: eyJpZCI6IjdmNjgzYzZkLTc0YTUtNTllMi1iZTIzLWYzODA4ZjViNzJiNiIsImNyZWF0ZWQiOjE2NDQ5Nzg3NTUyNjksImV4aXN0aW5nIjpmYWxzZX0=
.mybooster.com/ Name: _hjFirstSeen
Value: 1
mybooster.com/ Name: _hjIncludedInSessionSample
Value: 0
.mybooster.com/ Name: _hjSession_640032
Value: eyJpZCI6IjkzZWQ3ZDM5LTA4NjQtNDc2Ni1iYzQzLTIxMGQxOGIyM2M2ZiIsImNyZWF0ZWQiOjE2NDQ5Nzg3NTUzMDgsImluU2FtcGxlIjpmYWxzZX0=
.mybooster.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.mybooster.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlNFSDdteEdRTmlwQzE1M1JmRUowNlE9PSIsInZhbHVlIjoicXhpTVJMTURFd2dBc21uWDEyNENQSlNEOC9FRXAwTHh0VnF4ZFQrWVNDTmN2dUtzaUl3VEcrVm5xRWI3VVBiUEVKSkk4WE5VN1F0R21nQ2NmWFhIemFJM3paVTVBM1p3WTlHWko0ODVGUk10LzFOeVRtSzQzMm5MQnBueXErMU8iLCJtYWMiOiJjZTNmNDBkMzM2NmRmOWJhYTE0NTAxNTc1YjU0NzY2NGMzNzgyOTlhN2NhMTE2YTA4ZTk1ODFlZTkwODU4YTVmIiwidGFnIjoiIn0%3D
.mybooster.com/ Name: titan_session
Value: eyJpdiI6IjFPRTY4QmVVYmpUYzRLZlJRRUxiQUE9PSIsInZhbHVlIjoiL2pYbGtydEdxbWJvblp5aVh4WmdsL1ZDRTdzR0g1L0F3UFNkcTYxMkp6dTB2SlRWbUVxOTRFSDB4VWJnMzhuUVdVVm9TSkJIUFlLYm5RbEFpb0JaUlR3K0FUbk8rVDFvNFQ1dzNEeTJ6SWNrTUVDTnFNeDlzQ05tKzFBbC9ObngiLCJtYWMiOiJmODBhYTYzMTg2MjlmYTUxYzUxODUwNGM4OGNiMDFmNDQxYThmNzkxNjZlOTU2ODQ5NWY2NjljZDI3NDc2OGIxIiwidGFnIjoiIn0%3D
.mybooster.com/ Name: hide_cookie_policy
Value: eyJpdiI6Img5Q05sLytLZ3B1WUlIaWlmbkRoZWc9PSIsInZhbHVlIjoiRWF2aUU2VDRDcXhGd1YweFZQK0NORjM5VFRGMk40M3NYTDRUQkF1cVdxMUNzUUd1bUJEZEhDTDBOU0hjQStxRiIsIm1hYyI6ImQ3YTc4NDVlNmMxNjIyZGI3NTQ1ODhmNjliOWUxMWYxZDgxMWIyY2NlNWI3ZjQwNWZlYmUzNmEwZjNmMDRmNTciLCJ0YWciOiIifQ%3D%3D
.mybooster.com/ Name: _hp2_ses_props.1943480710
Value: %7B%22us%22%3A%22eedayafter%22%2C%22um%22%3A%22email%22%2C%22uc%22%3A%22ssvideo%22%2C%22ua%22%3A%22sponsorpledgeask%22%2C%22ts%22%3A1644978755248%2C%22d%22%3A%22mybooster.com%22%2C%22h%22%3A%22%2Fv3%2Fdash%2FjIDnj-Nm%22%2C%22q%22%3A%22%3Futm_source%3Deedayafter%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask%22%7D
.mybooster.com/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-jpcust.jwpsrv.com
auth.split.io
cdn.heapanalytics.com
cdn.split.io
connect.facebook.net
content.jwplatform.com
events.split.io
fonts.googleapis.com
fonts.gstatic.com
funrun-prod.s3.amazonaws.com
heapanalytics.com
mybooster.com
prd.jwpltx.com
script.hotjar.com
sdk.split.io
ssl.p.jwpcdn.com
static.hotjar.com
static.xx.fbcdn.net
stats.g.doubleclick.net
vars.hotjar.com
videos-cloudflare.jwpsrv.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
content.jwplatform.com
events.split.io
108.157.4.7
13.32.121.116
151.101.2.2
151.101.67.9
18.214.171.19
18.66.97.53
2600:9000:225e:3000:1:a3fa:7cc0:93a1
2606:4700::6812:da5
2a00:1450:4001:800::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c06::9d
2a00:1450:400e:800::200e
2a00:1450:400e:803::2008
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:200::626
34.206.210.180
35.171.59.225
52.217.133.73
52.222.236.43
52.72.213.233
0d672fd24a23248ebd323d33ca77ae1ab562e320f3c7d3ba61103d38012b2ecf
0d76b75a95e883b681546dc20f0675407bae83841f32527609d8940a7e8cf823
176456b092cd1d5d4f005291a165ced9629dc6513d8df0485069d8d8de19c140
19b4c0e48cd68cfc64bd87ecbd811d96ac3dddbfe69cae2287e19a53f99090bd
1cd7eab92dcc04e7057d83a115c54de3d28e12634131e390fc005a06a2071a53
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bec69cd223b45525d00a1de6ca5a94eeb0236633d8c5e9de09b333b43b30062
2bfe57a23d8ef229c88a3d24babf237122d897f8f6f43e69c6cc4ebe14896687
37618c711df22e3cc165a9a440b6943740396a0612fcf0dafdeec4fde5618e0c
392841e06028f734df3db10b41508241b207f2bc095a85fdbd0b63bf364b58d8
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
4c5db639ccd0ab54a88f7780c1d4216a2e32ef09a1e3b2f11fa42a0f7527ea20
4cd5d51c0d2dc754d6e756033204ff2e492c722eef0ba69624210a14ec94f5e1
5cf7b01e9bad3d3a9da846f6be9bde1e9e50625bc4c0c19ef3f2cc52ab0278b7
60b8295a4ff112d8ccb06428a0faa56cbea24ef1d631718911434311b15de90b
6360a0845402fb69aa28d9ab020d07b68e68ab953bb589ca103a72581553580a
6e6ca8458e665dbb0c6ef4974ee969c1a854bbc5c0f2a66edeebf68b806f3a0e
6ff028713d969369e5c5ce7620e6a54a224b754f787a97a1ab789d9ed98ef64c
73ab66b3bba5cc0179a73a0d0f21a762edc3d7b541fea72517d61b02c9cb08aa
77d863204d1c073b66e4faf8093ea584d3ca27da037d118ecbdd0cede0db4e5b
7b04a0a72f9ba0cee70cbdba99f9ac45a80d260618a778701b079681f01992e9
7c0ebdd66b09f4789b3f427d19020a726ac4be7cc2e0c2d1baf11913a302109a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d9b77f6b3196afd417391d6f3776960dd37db05d691c4eb73b5b1c076968229
9ab609565ae9e74c14ab7cee7fecb71d8630c1d220718912947bba25575411fd
9cee604111319ff2ecbf101a286b002f021b2d553fe1e8048dd570ef25eeb2ad
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a723d0f43fd09a07247f03f1f776d2833f10c6b035ac3e448ef49dfff6d50e76
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aefe09194c600df28a1d55fd7148031678d5d7a19d337d532cb4efcecff81869
b2afb3001eea0048c361f04782638dbf9e391773be594edcd6f3f0f13098f32e
ba90601566675534a8efef821728f11409d22756130693619771cb9eeb7e333b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2db3951db9f6347a72eaff1a8c564baf4f6876d6699bc56d5df96ec2bbe662
bb5e2ea41114aac7cc85db465754f2f71644dc601ff16689ac1c3afbddc66138
bc77f593a9905244fe035916bcb8f189dcf357eba369645edbc08d5e54e71481
c184d109e21a7d81a00b6196811413901f9c3dd66e6dc5a52deb53c725e3bfea
c2765958da9b8e78abf7cb4db8259a58057c71bbcbea2d394096b143121f3fdd
c679492caf13cd4940c5f93844f65b1317b16ec768b363a8b177f9e6d8b5b81f
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
d581639c3efe2314fc804f8b2d5e2bc95ada3b486f4da4b4a5661c458cbb4206
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e287557427be813737c082e6f853e5abe5d9ecffac84a7d89219079975a8ca8e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a5a6c756fc393f489775f4a4a35a17bb194541f665d60e7b8e6aabec347a6f
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0180347aaa59315dbec8ed6f465ffe2843a4df4bb6e49a7748604cf5f2ecf4d
f9d11cb857627083b322bf5cdc1bd49888220a990172060d6e7d2a359d563efa