save-hens.safe.org.nz Open in urlscan Pro
2a09:8280:1:9169:525:6faf:8a6f:9ab1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://save-hens.safe.org.nz/
Submission: On September 18 via automatic, source certstream-suspicious (September 18th 2022, 11:13:50 pm UTC) — Scanned from DE

Summary HTTP 51 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 51 HTTP transactions. The main IP is 2a09:8280:1:9169:525:6faf:8a6f:9ab1, located in United States and belongs to FLY, US. The main domain is save-hens.safe.org.nz.
TLS certificate: Issued by R3 on September 18th 2022. Valid for: 3 months.

This is the only time save-hens.safe.org.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a09:8280:1:9... 2a09:8280:1:9169:525:6faf:8a6f:9ab1	40509 (FLY) (FLY)
14	2606:4700:10:... 2606:4700:10::ac43:76c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2606:4700:10:... 2606:4700:10::6816:4662	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
11	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
51	15

1 2a09:8280:1:9169:525:6faf:8a6f:9ab1 (United States)

ASN40509 (FLY, US)

save-hens.safe.org.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::ac43:76c (United States)

ASN13335 (CLOUDFLARENET, US)

api.raisely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:4662 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.raisely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

superb-rudolph.raisely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

raisely-images.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	raisely.com api.raisely.com — Cisco Umbrella Rank: 721679 cdn.raisely.com — Cisco Umbrella Rank: 722026 superb-rudolph.raisely.com — Cisco Umbrella Rank: 938229	593 KB
11	imgix.net raisely-images.imgix.net — Cisco Umbrella Rank: 898857	642 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	199 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	gstatic.com fonts.gstatic.com	16 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6352	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	446 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	42 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	410 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	2 KB
1	safe.org.nz save-hens.safe.org.nz	91 KB
0	stripe.com Failed js.stripe.com Failed
51	13

	Domain	Requested by
14	api.raisely.com	save-hens.safe.org.nz cdn.raisely.com
11	raisely-images.imgix.net	save-hens.safe.org.nz
8	cdn.raisely.com	save-hens.safe.org.nz
4	connect.facebook.net	save-hens.safe.org.nz connect.facebook.net cdn.raisely.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	www.google.de	save-hens.safe.org.nz
1	www.google.com	save-hens.safe.org.nz
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	cdn.raisely.com
1	www.facebook.com	save-hens.safe.org.nz
1	fonts.googleapis.com	api.raisely.com
1	superb-rudolph.raisely.com	save-hens.safe.org.nz
1	save-hens.safe.org.nz
0	js.stripe.com Failed	cdn.raisely.com
51	15

This site contains links to these domains. Also see Links.

Domain
raisely.com

Subject Issuer	Validity	Valid
save-hens.safe.org.nz R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
raisely.com Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-28` - `2022-09-26`	3 months	crt.sh
superb-rudolph.raisely.com R3	`2022-08-09` - `2022-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-01` - `2023-07-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://save-hens.safe.org.nz/
Frame ID: D2DD3722F785E6AB9A7C81CB5D97B8B1
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Save HensRaisely

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

51
Requests

96 %
HTTPS

93 %
IPv6

13
Domains

15
Subdomains

15
IPs

4
Countries

1607 kB
Transfer

4167 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://raisely.com/?utm_source=footer&utm_medium=organic&utm_campaign=sign_up&utm_content=save-hens
Title: Powered byRaisely

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
save-hens.safe.org.nz/ 433 KB
91 KB 285ms
242ms Document
text/html 2a09:8280:1:9169:525:6faf:8a6f:9ab1
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1:9169:525:6faf:8a6f:9ab1 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/2ceba9e7 (2022-09-17) /

Resource Hash

d3346607515f82252ecec643066b1e67c5a0c6eb2e0bd9abdba7a711af9aa135

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.raisely.com save-hens.safe.org.nz;
Strict-Transport-Security	max-age=86400;
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=30, s-maxage=60
content-encoding: gzip
content-security-policy: frame-ancestors *.raisely.com save-hens.safe.org.nz;
content-type: text/html; charset=utf-8
date: Sun, 18 Sep 2022 23:13:41 GMT
fly-request-id: 01GD9E20KHBX79SGS3KM6GA2DA-fra
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 5e95aa2b-1c91-4b29-977f-5c43bc50d035
server: Fly/2ceba9e7 (2022-09-17)
strict-transport-security: max-age=86400;
via: 2 fly.io
x-connection-region: fra
x-frame-options: DENY
x-raisely-cache-status: MISS
x-server-region: ord

GET
H2 200 styles.css
api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/ 85 KB
12 KB 1144ms
1079ms Stylesheet
text/css 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/styles.css

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5cbc006636c864bd64231498383cbae42991879fbefca498aaad8346035cf8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
strict-transport-security: max-age=15552000; includeSubDomains; preload
request-id: 5301b6b7-7c38-4da9-8cde-5d7fb1125cfe
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Sep 2022 23:13:43 GMT
server: cloudflare
x-cloud-trace-context: a811c492ead72f4b22f877072cf2b93b/4489000194801207;o=1
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: undefined
vary: Accept-Encoding
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cdc60eadcacc56-ZRH
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 69ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

595fb68d990f8c2e7bcec5e642df9b00666e8932c8721b804b11e4b9d83d4e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://save-hens.safe.org.nz/
Origin: https://save-hens.safe.org.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lWlfpKLNbckIJMJylDDsAA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 3i8P0vaFKj1eqf8xahTOA+vyzd+Xm6Nrm9ivTve92rZDnGfBaqakT9Wi7nSNBeMVrFbXQKxlviuFs+IWc5Vo8g==
x-fb-trip-id: 686109401
x-fb-content-md5: 790aa7c36c2c8985d067f865014f2c15
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Sep 2022 23:13:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "138cea161d16ff7d3ffca85606602fcf"
timing-allow-origin: *
priority: u=1,i
expires: Sun, 18 Sep 2022 23:15:40 GMT

GET
H2 200 vendor.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 282 KB
89 KB 120ms
60ms Script
application/javascript 2606:4700:10::6816:4662
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/vendor.29c0e.bundle.js

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4662 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0a0cd310cd3e63daa90db8e11dc291a4f9bdd30feb8f57a2e0460294282df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 42218
x-guploader-uploadid: ADPycdsW9_937pkSYPf4SVEaz7SxuAjULA7ZJngD3YAeDiAG0PATzWZ-rZStGCFIhAyRPAUzHhw1XmrqdePlPdjIcleS2g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:30:04 GMT
last-modified: Fri, 16 Sep 2022 11:06:35 GMT
server: cloudflare
etag: W/"d24ced864f5fb3b40dabb440a9316c51"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=f567Dg==, md5=0kzthk9fs7QNq7RAqTFsUQ==
x-goog-generation: 1663326394995576
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 289166
cf-ray: 74cdc60ebb3a2325-ZRH
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 polyfill.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 128 KB
42 KB 118ms
58ms Script
application/javascript 2606:4700:10::6816:4662
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/polyfill.29c0e.bundle.js

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4662 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

748946db8a26d574fca067204deb081d499be5e0725191015f5ddde35efd7382

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 42218
x-guploader-uploadid: ADPycdtAkK40z4NYT753hZn6-ykj-Pl48eSOlZ96mgDeB1Rvkv1kEpRngPh_ATW8hGJopF2XPgEP_WkXeFQguY6yTPle3w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:30:04 GMT
last-modified: Fri, 16 Sep 2022 11:06:34 GMT
server: cloudflare
etag: W/"ba7ed8c076a5cab512fb7df0ea61d23d"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=DE3UBw==, md5=un7YwHalyrUS+33w6mHSPQ==
x-goog-generation: 1663326394035395
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 131371
cf-ray: 74cdc60ebb3b2325-ZRH
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 editor.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 810 KB
212 KB 119ms
59ms Script
application/javascript 2606:4700:10::6816:4662
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/editor.29c0e.bundle.js

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4662 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edf477b34eeaf13d8bb762880aad797ae514af6836d1658a9b43bc26c90a703

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 42218
x-guploader-uploadid: ADPycdvpnVUyP0vq1n5mUQ3K3se7BGRxP5xsy5gfIetH8XRo7k5PCvDRn9cBenUmScRrwMUitfhP0nN72oxTFU4g4KK0tA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:30:04 GMT
last-modified: Fri, 16 Sep 2022 11:06:33 GMT
server: cloudflare
etag: W/"6599e3737e150bcbc54bf8d3d9427c2d"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=hUUbWw==, md5=ZZnjc34VC8vFS/jT2UJ8LQ==
x-goog-generation: 1663326393938461
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 829416
cf-ray: 74cdc60ebb3c2325-ZRH
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 common+api.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 144 KB
35 KB 98ms
39ms Script
application/javascript 2606:4700:10::6816:4662
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/common+api.29c0e.bundle.js

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4662 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09306d45a56d4b23ad24b5d37b4ed3bc53ce234e958289215b850b872e30d705

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 42218
x-guploader-uploadid: ADPycdtrXIT4_8Hxrm5VsLaexwja-sRhDe6ArTzPaTzf9K1awav_ruXixArPSHBcWitqIujlhUh5vh5S196L6mhGyFjzII5Y6JvE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:30:04 GMT
last-modified: Fri, 16 Sep 2022 11:06:33 GMT
server: cloudflare
etag: W/"ea92bc3dc45d5b464e8a3ab6a6c474b7"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=PmWFVw==, md5=6pK8PcRdW0ZOijq2psR0tw==
x-goog-generation: 1663326393795263
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 147667
cf-ray: 74cdc60ebb3d2325-ZRH
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 sentry.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 71 KB
20 KB 93ms
34ms Script
application/javascript 2606:4700:10::6816:4662
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/sentry.29c0e.bundle.js

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4662 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95df2aad4647b6fb6d81c46c1c427edbfc504b9c585da7048ef26b2f70d8fffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 42218
x-guploader-uploadid: ADPycduMRu7n70CAbidUDhLdemmv5h4_UUyPcH-xEmbCzmUK5EzbfXFiIZpT3Yx_StZGxncOd5SnWJ6aUXrDFNRrgY-iI6xjGfUi
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:30:04 GMT
last-modified: Fri, 16 Sep 2022 11:06:34 GMT
server: cloudflare
etag: W/"c40114ca7b2290ee0c4838b2a6f78d5c"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=g3J3Sw==, md5=xAEUynsikO4MSDiypveNXA==
x-goog-generation: 1663326394881436
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 72375
cf-ray: 74cdc60ebb412325-ZRH
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 inputs.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 54 KB
12 KB 118ms
59ms Script
application/javascript 2606:4700:10::6816:4662
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/inputs.29c0e.bundle.js

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4662 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99bdabb19d46120c330ec9c62e232dd6f246c3aa0d221e2cbe6d394f9f54e583

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 42218
x-guploader-uploadid: ADPycduvIF6mJIfr-63H1wbcYVDINJm37LIiWIrnyLTI7rVDEFvqt-BLefYIzVFZgQc0S5taxxFCpiEsQkFAiVqwmqkm-eGn1mFm
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:30:04 GMT
last-modified: Fri, 16 Sep 2022 11:06:33 GMT
server: cloudflare
etag: W/"8159122a8c79e946a51c2d553b124c91"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=x8QT8Q==, md5=gVkSKox56UalHC1VOxJMkQ==
x-goog-generation: 1663326393780515
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 55104
cf-ray: 74cdc60ebb422325-ZRH
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 core-styles.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 186 B
797 B 91ms
32ms Script
application/javascript 2606:4700:10::6816:4662
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/core-styles.29c0e.bundle.js

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4662 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e038b9d08aa52236f78b1af732b7f4a87b932dfe25262927ebffc05b60b3bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 42218
x-guploader-uploadid: ADPycdtD7pzwGrC6QP7MFOhyQHcJ6vwOcjbQI_Md8BOBw6VPsQLMK2OrRutcbgXMGTe53zBDO3SYZbN9cwdxG0oDtOHO8fb09zpT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:30:04 GMT
last-modified: Fri, 16 Sep 2022 11:06:33 GMT
server: cloudflare
etag: W/"9ee89d974b8f6de385968f24dd6947e7"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=WxMt1w==, md5=nuidl0uPbeOFlo8k3WlH5w==
x-goog-generation: 1663326393787435
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 186
cf-ray: 74cdc60ebb3f2325-ZRH
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 app.29c0e.bundle.js Show response
cdn.raisely.com/v3/ 520 KB
153 KB 96ms
38ms Script
application/javascript 2606:4700:10::6816:4662
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/app.29c0e.bundle.js

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4662 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d598c29412ef0cd35fe19215a8cea3c0ac0eb25b4102e4e4d36f8903434578c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1663326314
age: 42218
x-guploader-uploadid: ADPycdtMZUZ3HSXzMYX40Crm_jwxVp03ZCGQOeNxd-QKxP6xRK-QHBzqrLu0w9mqSbq_sFcqSU-cldQoEzRVe1RZH72FTUBwdlB3
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 18 Sep 2023 11:30:04 GMT
last-modified: Fri, 16 Sep 2022 11:06:33 GMT
server: cloudflare
etag: W/"ec34914753bbbf93ddc6a624a4dcd024"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-goog-hash: crc32c=hQv5Gg==, md5=7DSRR1O7v5PdxqYkpNzQJA==
x-goog-generation: 1663326393827467
access-control-allow-origin: *
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
x-goog-stored-content-length: 532724
cf-ray: 74cdc60ebb3e2325-ZRH
access-control-expose-headers: Content-Type, x-session-id

GET
H2 200 components.js Show response
api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/ 90 B
880 B 313ms
272ms Script
application/javascript 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/components.js

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b0186a5bb9858f730ed0311c9d5bc7826cf8ce3d49ce97010b335888963917

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:42 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
strict-transport-security: max-age=15552000; includeSubDomains; preload
request-id: 761dd9d1-272b-4f90-9508-658b26d875b6
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Sep 2022 23:13:42 GMT
server: cloudflare
x-cloud-trace-context: 9df3da6d32bc2d3abbb308557c595cbb/11529076973682325219;o=1
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: undefined
vary: Accept-Encoding
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cdc60eadcbcc56-ZRH
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 script.js Show response
superb-rudolph.raisely.com/ 6 KB
2 KB 146ms
27ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://superb-rudolph.raisely.com/script.js
Requested by: Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: de37a8ced3c2cbbb8703819bf19497c39572df574bef15407936bd3f60cc24f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:42 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: 77NEDXY9S90RF6C0
cdn-cachedat: 09/14/2022 23:18:36
cdn-pullzone: 766044
x-amz-id-2: YOIbiHMeDkmQXFBaaROBKU0jwtGA/acUdgll+juMjUS0KMteS9V0k6A35mNby2N+qHwKsx+8uH4=
server: BunnyCDN-AT-731
last-modified: Mon, 12 Sep 2022 15:07:00 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"86eac6eb96c742531f1530d284adc882"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: f49917542735ca4181e145ae61602088
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 15 KB
2 KB 69ms
27ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material%20Icons|Open+Sans:400,700,400i,700i|Poppins:400,700,400i,700i,bold,boldi,bold,boldi,bold,boldi,bold,boldi,bold,boldi,bold,boldi

Requested by

Host: api.raisely.com
URL: https://api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93083abe04ab3fbb73e14133bee0a85d867e8a91662e3cbd6d3ea48bb51117f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.raisely.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 23:13:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 23:13:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 23:13:43 GMT

OPTIONS
H3 200 locate
api.raisely.com/v3/utils/ 0
0 225ms
197ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/utils/locate?campaign=be12a2f0-33ab-11ed-a6f1-ff641694cb11

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://save-hens.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://save-hens.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cdc616fdde0215-ZRH
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 18 Sep 2022 23:13:43 GMT
request-id: 645ca9e1-e885-4300-b53e-6c49df5e0f39
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: a7955a19ca3f310f012f2cbd48281629/16372867920790926160
x-content-type-options: nosniff

OPTIONS
H3 200 donations
api.raisely.com/v3/ 0
0 209ms
209ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/donations?campaign=be12a2f0-33ab-11ed-a6f1-ff641694cb11&displayTotalGT=0&limit=10&offset=0&order=desc&sort=date

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://save-hens.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://save-hens.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cdc617be800215-ZRH
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 18 Sep 2022 23:13:43 GMT
request-id: 05217042-e482-4c23-a857-8889cdaaae19
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: b468957df62098e3db5257b467264a8d/11536550193633704986
x-content-type-options: nosniff

OPTIONS
H3 200 select
api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/providers/ 0
0 196ms
195ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/providers/select?campaign=be12a2f0-33ab-11ed-a6f1-ff641694cb11

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://save-hens.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://save-hens.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cdc617be830215-ZRH
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 18 Sep 2022 23:13:43 GMT
request-id: e1aa7dc7-e9d7-4ef0-8ee4-3c42406fd893
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 7a84d0cfb661a3def37d753195c79e9e/4999422537368457995
x-content-type-options: nosniff

OPTIONS
H3 200 select
api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/providers/ 0
0 196ms
196ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/providers/select?campaign=be12a2f0-33ab-11ed-a6f1-ff641694cb11

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://save-hens.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://save-hens.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cdc617de970215-ZRH
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 18 Sep 2022 23:13:43 GMT
request-id: cd59673a-c99b-4298-a1b7-6f5db6d5461d
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: c8e908741ef7e8927fa6a50e9c208bb6/9615658777240864152
x-content-type-options: nosniff

OPTIONS
H3 200 select
api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/providers/ 0
0 193ms
193ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/providers/select?campaign=be12a2f0-33ab-11ed-a6f1-ff641694cb11

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://save-hens.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://save-hens.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cdc617de990215-ZRH
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 18 Sep 2022 23:13:43 GMT
request-id: 5859614a-e2ba-4b5c-8b42-c93e603a4a94
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: fd429c3dde911ec89789077823de3c51/4323164808004270120
x-content-type-options: nosniff

GET /
js.stripe.com/v3/ 0
0

GET
H3 200 locate Show response
api.raisely.com/v3/utils/ 29 B
696 B 172ms
172ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/utils/locate?campaign=be12a2f0-33ab-11ed-a6f1-ff641694cb11

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

416c8ffa1a59d4cae68371a6582210d44fd0aa1539299bc807f345e08dbc0cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://save-hens.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: 757527a9-93c0-4e84-aabb-57a0b64b10f0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://save-hens.safe.org.nz
x-cloud-trace-context: 9ceb10bbce5e402f4f827d373a6b0e1c/18267175252276530067;o=1
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cdc6183eef0215-ZRH
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 doris-jpg-c2745c.jpg
raisely-images.imgix.net/free-hens/uploads/ 107 KB
107 KB 113ms
38ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/free-hens/uploads/doris-jpg-c2745c.jpg?fit=max&w=2000&auto=format&q=62

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cc0e0dc8b4c0fa856382e562030f5ca48bd27279e85e3404d4e252d4a06fb0ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
x-content-type-options: nosniff
age: 438106
x-cache: HIT, HIT
x-imgix-id: bfef2fb1f35bf39dc9f9b2acf69737742554cd97
content-length: 109596
x-imgix-render-farm: 01.560
last-modified: Tue, 13 Sep 2022 21:31:57 GMT
server: imgix
x-served-by: cache-sjc10065-SJC, cache-fra19177-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 safenz-2022-dig-acq-lp-ask-image-1-480-x-280-v-1-jpg-dc7b8e.jpg
raisely-images.imgix.net/save-hens/uploads/ 20 KB
20 KB 133ms
60ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/save-hens/uploads/safenz-2022-dig-acq-lp-ask-image-1-480-x-280-v-1-jpg-dc7b8e.jpg?fit=max&w=1024&auto=format&q=62

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

022304c464809fe1248fd08bbb9792f483d92d953e41ae980d98d0fdecfa112d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
x-content-type-options: nosniff
age: 437030
x-cache: HIT, HIT
x-imgix-id: a73d87d23296cc123ea61ff53969478f603f068e
content-length: 20009
x-imgix-render-farm: 01.560
last-modified: Tue, 13 Sep 2022 21:49:53 GMT
server: imgix
x-served-by: cache-sjc10071-SJC, cache-fra19177-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 safenz-2022-dig-acq-lp-ask-image-2-480-x-280-v-1-jpg-48b3de.jpg
raisely-images.imgix.net/save-hens/uploads/ 30 KB
30 KB 134ms
61ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/save-hens/uploads/safenz-2022-dig-acq-lp-ask-image-2-480-x-280-v-1-jpg-48b3de.jpg?fit=max&w=1024&auto=format&q=62

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

8472c71a24e643998f9cb4c6c56045ea4ddad599644e83c6888bcd72daa3afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
x-content-type-options: nosniff
age: 437090
x-cache: HIT, HIT
x-imgix-id: 6cef97eb8b67dd6240a1244404d4b1a47df91ad1
content-length: 30897
x-imgix-render-farm: 01.560
last-modified: Tue, 13 Sep 2022 21:48:53 GMT
server: imgix
x-served-by: cache-sjc10034-SJC, cache-fra19177-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 safenz-2022-dig-acq-lp-ask-image-3-480-x-280-v-1-jpg-3d4fe6.jpg
raisely-images.imgix.net/save-hens/uploads/ 21 KB
22 KB 134ms
61ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/save-hens/uploads/safenz-2022-dig-acq-lp-ask-image-3-480-x-280-v-1-jpg-3d4fe6.jpg?fit=max&w=1024&auto=format&q=62

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e4ae390cdf7904ff153632350f49351cb588a4367288594a25d526b662d001b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
x-content-type-options: nosniff
age: 437052
x-cache: MISS, HIT
x-imgix-id: 779569d4e280ac0ccd819fc259cd6f75a5c50a07
content-length: 21965
x-imgix-render-farm: 01.560
last-modified: Tue, 13 Sep 2022 21:49:31 GMT
server: imgix
x-served-by: cache-sjc10079-SJC, cache-fra19177-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 63ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material%20Icons|Open+Sans:400,700,400i,700i|Poppins:400,700,400i,700i,bold,boldi,bold,boldi,bold,boldi,bold,boldi,bold,boldi,bold,boldi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://save-hens.safe.org.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 359331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:24:52 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 58ms
16ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://save-hens.safe.org.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 359323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:25:00 GMT

GET
H2 200 blue-full-png-dcc38b.png
raisely-images.imgix.net/free-hens/uploads/ 68 KB
68 KB 43ms
15ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/free-hens/uploads/blue-full-png-dcc38b.png?fit=max&w=1000&auto=format&q=62

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b0a29af6abd7b7399baf0fa46d962bb273efa7d70042d7fbbaa64948c6025f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
x-content-type-options: nosniff
age: 2
x-cache: MISS, HIT
x-imgix-id: c9f58f8886f932d07b00a14fe87c92f77a5695e4
content-length: 69278
x-imgix-render-farm: 01.560
last-modified: Sun, 18 Sep 2022 23:13:41 GMT
server: imgix
x-served-by: cache-sjc10082-SJC, cache-fra19177-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 doris-jpg-c2745c.jpg
raisely-images.imgix.net/free-hens/uploads/ 107 KB
107 KB 89ms
62ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/free-hens/uploads/doris-jpg-c2745c.jpg?fit=max&w=1024&auto=format&q=62

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cc0e0dc8b4c0fa856382e562030f5ca48bd27279e85e3404d4e252d4a06fb0ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
x-content-type-options: nosniff
age: 1
x-cache: MISS, HIT
x-imgix-id: 15821749c7fe851f42ee38e54fb3e6a0230f2bdc
content-length: 109596
x-imgix-render-farm: 01.560
last-modified: Sun, 18 Sep 2022 23:13:42 GMT
server: imgix
x-served-by: cache-sjc10047-SJC, cache-fra19177-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 safenz-2022-dig-acq-lp-header-template-a-v-1-jpg-90ac91.jpg
raisely-images.imgix.net/save-hens/uploads/ 58 KB
58 KB 64ms
40ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/save-hens/uploads/safenz-2022-dig-acq-lp-header-template-a-v-1-jpg-90ac91.jpg?fit=max&w=1024&auto=format&q=62

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9f5ca400ce72c63158992055cbefc875c114e2e01b14bcb576129f9035216fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
x-content-type-options: nosniff
age: 437367
x-cache: HIT, HIT
x-imgix-id: 1d8a9e5f9c1f1cc526197e5c630c2444b00b9928
content-length: 59571
x-imgix-render-farm: 01.560
last-modified: Tue, 13 Sep 2022 21:44:16 GMT
server: imgix
x-served-by: cache-sjc10021-SJC, cache-fra19177-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2 200 doris-jpg-c2745c.jpg
raisely-images.imgix.net/free-hens/uploads/ 81 KB
81 KB 74ms
74ms Image
image/avif 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/free-hens/uploads/doris-jpg-c2745c.jpg?fit=max&w=750&auto=format&q=62

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a7bcc86aebdb7ded153ab87afbd54a5ad423f5eb4d0efa51d4031e7e208f2668

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
x-content-type-options: nosniff
age: 437006
x-cache: HIT, HIT
x-imgix-id: ceb90be71282e3bd6a847ac87df283e36a7daf80
content-length: 82702
x-imgix-render-farm: 01.560
last-modified: Tue, 13 Sep 2022 21:50:17 GMT
server: imgix
x-served-by: cache-sjc10023-SJC, cache-fra19177-FRA
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H3 200 donations Show response
api.raisely.com/v3/ 2 KB
2 KB 413ms
411ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/donations?campaign=be12a2f0-33ab-11ed-a6f1-ff641694cb11&displayTotalGT=0&limit=10&offset=0&order=desc&sort=date

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d115c05ada31d4a93ce0a48a78c17c3751371bac39e3b27bd2b759d770d52d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://save-hens.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Sep 2022 23:13:44 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: 616326c6-cb19-4df3-8931-12a6daf72726
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://save-hens.safe.org.nz
x-cloud-trace-context: 5be062df89c30dd46df651785f8fe1d9/4074325163348659885;o=1
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cdc6190f9b0215-ZRH
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

POST
H3 200 select Show response
api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/providers/ 187 B
847 B 185ms
184ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/providers/select?campaign=be12a2f0-33ab-11ed-a6f1-ff641694cb11

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8c07159630037d681b24f395800599f85865ef961db8f1c1983f50adfcbdb72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://save-hens.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: 7288dfb5-29d7-4fa8-9f59-068e4b149215
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://save-hens.safe.org.nz
x-cloud-trace-context: c9609f440503d5e7d43f5d8d5c481775/4013817251347997988
cache-control: public, max-age=300, s-maxage=300
access-control-allow-credentials: true
cf-ray: 74cdc618ff930215-ZRH
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c5d0dd081e3225e936fe080371c2b7d53b52e269abf3f730aa1a3282f6f2761

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 224 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 808ebf38c291dc03ea969d5b2c24c3e8269b65e930effd0dc6a88ce25ab86cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 select Show response
api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/providers/ 187 B
849 B 188ms
187ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/providers/select?campaign=be12a2f0-33ab-11ed-a6f1-ff641694cb11

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8c07159630037d681b24f395800599f85865ef961db8f1c1983f50adfcbdb72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://save-hens.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Sep 2022 23:13:44 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: 4a0d7a7b-fa17-43cd-88e8-328a278a3684
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://save-hens.safe.org.nz
x-cloud-trace-context: 26cd1c5482a077e69c634b2e05c384ee/17495597223547620261;o=1
cache-control: public, max-age=300, s-maxage=300
access-control-allow-credentials: true
cf-ray: 74cdc6191fa00215-ZRH
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

POST
H3 200 select Show response
api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/providers/ 187 B
849 B 185ms
184ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/providers/select?campaign=be12a2f0-33ab-11ed-a6f1-ff641694cb11

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8c07159630037d681b24f395800599f85865ef961db8f1c1983f50adfcbdb72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://save-hens.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Sep 2022 23:13:44 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: b2b2ac0b-762a-4f16-89af-830e63cf7b42
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://save-hens.safe.org.nz
x-cloud-trace-context: 5476e4855905c7a1c6b2e93dc3081e03/2416099469163279008;o=1
cache-control: public, max-age=300, s-maxage=300
access-control-allow-credentials: true
cf-ray: 74cdc6190f9c0215-ZRH
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 safenz-2022-dig-acq-lp-ask-image-1-480-x-280-v-1-jpg-020841.jpg
raisely-images.imgix.net/save-hens/uploads/ 32 KB
32 KB 55ms
55ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/save-hens/uploads/safenz-2022-dig-acq-lp-ask-image-1-480-x-280-v-1-jpg-020841.jpg?w=500

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

fded19f097af31234d27f43f1df5a4663935fda6f64c8ca92dd103f28ed627d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Sep 2022 23:13:42 GMT
server: imgix
age: 1
x-cache: MISS, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: b728999dd1b1b483f17c336100486f12d0e04ae6
x-imgix-render-farm: 02.552
accept-ranges: bytes
content-length: 32999
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10020-SJC, cache-fra19177-FRA

GET
H2 200 safenz-2022-dig-acq-lp-ask-image-2-480-x-280-v-1-jpg-48b3de.jpg
raisely-images.imgix.net/save-hens/uploads/ 46 KB
46 KB 55ms
55ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/save-hens/uploads/safenz-2022-dig-acq-lp-ask-image-2-480-x-280-v-1-jpg-48b3de.jpg?w=500

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cffe3708d2757fd887e72aa6b630a3b71a08c28e4f09beda54a56cd407080f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Sep 2022 23:13:42 GMT
server: imgix
age: 1
x-cache: MISS, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: bdebaf1794f9ccd62f6f67f17acc012d1956d39c
x-imgix-render-farm: 02.552
accept-ranges: bytes
content-length: 46635
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10023-SJC, cache-fra19177-FRA

GET
H2 200 doris-jpg-c2745c.jpg
raisely-images.imgix.net/free-hens/uploads/ 71 KB
71 KB 56ms
55ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/free-hens/uploads/doris-jpg-c2745c.jpg?w=500

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

df51e734964f2788e361eb359ef45bdf28dc085a009a6706975fc23c27ef1613

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Sep 2022 23:13:42 GMT
server: imgix
age: 1
x-cache: MISS, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: cf5fab2e3e12378771b3b3809712bb788f1e7444
x-imgix-render-farm: 02.552
accept-ranges: bytes
content-length: 72387
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10044-SJC, cache-fra19177-FRA

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 318 KB
87 KB 42ms
15ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=5cd98df96965d5bb4172646217f9fa1a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45f1f66cfb80d923a5e409a98954336c91738d49a134c5f8bc27320ac8da7051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://save-hens.safe.org.nz/
Origin: https://save-hens.safe.org.nz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LKX2gfBwY4tmgjS18wsyig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88698
x-fb-rlafr: 0
x-fb-debug: W6Vlgi+7PhDFnTkk4Pl18qYu8hxmcF4PtnSd0qTGSgZWgE/cQ78D1t1PexGlq3DcDVjHSTRltJozwyWP++/Dvw==
x-fb-content-md5: 5638e1fe36daa92e0f6994e01156107c
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Sep 2022 23:13:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5eb8dd6fdfb65b9ef6920fb7602551a2"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 18 Sep 2023 22:24:37 GMT

GET
BLOB 200
OK 9fa39dbd-cbb5-4140-b82d-b4f35465629c
https://save-hens.safe.org.nz/ 9 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://save-hens.safe.org.nz/9fa39dbd-cbb5-4140-b82d-b4f35465629c
Requested by: Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c50ea820fcf5b6a29e3b03d92abb22ca9322d98814d4b6ae36475acb2d5ce4ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 9021
Content-Type: text/javascript

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 104ms
27ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=503953866403695&ev=fb_page_view&dl=https%3A%2F%2Fsave-hens.safe.org.nz%2F&rl=&if=false&ts=1663542823783&sw=1600&sh=1200&at=

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 18 Sep 2022 23:13:43 GMT

GET
H3 200 pages Show response
api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/ 81 KB
9 KB 245ms
244ms Fetch
application/json 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/pages?client=1&limit=999

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a320f0858d2b69a4b78e20c96dab6b79c5c6d62669a6ff1a7c02766d85eeab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://save-hens.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Sep 2022 23:13:44 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
access-control-max-age: 86400
request-id: 043a6fcf-78c0-44c2-82e7-55f0e825759b
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://save-hens.safe.org.nz
x-cloud-trace-context: 6f3886d3d994241d0cd66e228b109c3c/1832688143910932299;o=1
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 74cdc619e8430215-ZRH
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

OPTIONS
H3 200 pages
api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/ 0
0 174ms
174ms Preflight
text/plain 2606:4700:10::ac43:76c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/be12a2f0-33ab-11ed-a6f1-ff641694cb11/pages?client=1&limit=999

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:76c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://save-hens.safe.org.nz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://save-hens.safe.org.nz
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74cdc618cf710215-ZRH
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 18 Sep 2022 23:13:43 GMT
request-id: 876deade-30dd-429f-80aa-bd2b3cea6a8b
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: d9d9873d5f9e68d75c46e23227152a19/17687275473084464375
x-content-type-options: nosniff

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 73ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-50133306-1

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/common+api.29c0e.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3825e3750cb454f8213f80b888a05d05c0948f22a75f8316e15cbb91ce40541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:13:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42359
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Sep 2022 23:13:44 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
26 KB 37ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/common+api.29c0e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: ZfYa5HtjYZPHHYlBMe811vCPHMW00tBO/ksnibVmqXoO2/99Wx2yRkHUqwWMVVpQVoq01gycP0Xze8Nv9pkV7w==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Sep 2022 23:13:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 194614531476291 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 104ms
104ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/194614531476291?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a6090802679c15b06a6c39e0524ab65fe34cf52cdb53feb18e44659443fa445a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 0ZyIgcAQAI5kh0FDhgjHQ8cOoSDiePps3i3b8dgQ1XRcFZaQjWwK4Gn+X763IzlEDRnOJTQ9EV4Wg7pqdVO29g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Sep 2022 23:13:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
15ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-50133306-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 704
date: Sun, 18 Sep 2022 23:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 19 Sep 2022 01:02:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 56ms
24ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=233252159&t=pageview&_s=1&dl=https%3A%2F%2Fsave-hens.safe.org.nz%2F&ul=en-us&de=UTF-8&dt=Save%20Hens&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1904723913&gjid=1815280416&cid=245406679.1663542824&tid=UA-50133306-1&_gid=472376240.1663542824&_r=1&gtm=2ou9e0&z=655483116

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://save-hens.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 23:13:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://save-hens.safe.org.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 100ms
28ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-50133306-1&cid=245406679.1663542824&jid=1904723913&gjid=1815280416&_gid=472376240.1663542824&_u=YEBAAUAAAAAAAC~&z=927374677

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://save-hens.safe.org.nz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 18 Sep 2022 23:13:44 GMT
content-type: text/plain
access-control-allow-origin: https://save-hens.safe.org.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 82ms
28ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-50133306-1&cid=245406679.1663542824&jid=1904723913&_u=YEBAAUAAAAAAAC~&z=2059763778

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 23:13:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 79ms
27ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-50133306-1&cid=245406679.1663542824&jid=1904723913&_u=YEBAAUAAAAAAAC~&z=2059763778

Requested by

Host: save-hens.safe.org.nz
URL: https://save-hens.safe.org.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://save-hens.safe.org.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 23:13:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.stripe.com
URL: https://js.stripe.com/v3/

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
api.raisely.com/	1970-01-20 06:07:05	Name: __cflb Value: 02DiuDrFw1qRRyJx18kodD7PHZEK1ryy13meuAb2XsFtp
.facebook.com/	1970-01-20 08:15:18	Name: fr Value: 0TvmVNJHTRcy5nidm..BjJ6Yn...1.0.BjJ6Yn.
.safe.org.nz/	1970-01-20 15:41:42	Name: _ga Value: GA1.3.245406679.1663542824
.safe.org.nz/	1970-01-20 06:07:09	Name: _gid Value: GA1.3.472376240.1663542824
.safe.org.nz/	1970-01-20 06:05:42	Name: _gat_gtag_UA_50133306_1 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *.raisely.com save-hens.safe.org.nz;
Strict-Transport-Security	max-age=86400;
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.raisely.com
cdn.raisely.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
raisely-images.imgix.net
save-hens.safe.org.nz
stats.g.doubleclick.net
superb-rudolph.raisely.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
js.stripe.com
185.180.12.68
2606:4700:10::6816:4662
2606:4700:10::ac43:76c
2a00:1450:4001:800::200e
2a00:1450:4001:801::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2004
2a00:1450:4001:811::2008
2a00:1450:400c:c08::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:3::720
2a09:8280:1:9169:525:6faf:8a6f:9ab1
022304c464809fe1248fd08bbb9792f483d92d953e41ae980d98d0fdecfa112d
09306d45a56d4b23ad24b5d37b4ed3bc53ce234e958289215b850b872e30d705
0d598c29412ef0cd35fe19215a8cea3c0ac0eb25b4102e4e4d36f8903434578c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c5d0dd081e3225e936fe080371c2b7d53b52e269abf3f730aa1a3282f6f2761
2e038b9d08aa52236f78b1af732b7f4a87b932dfe25262927ebffc05b60b3bc4
2edf477b34eeaf13d8bb762880aad797ae514af6836d1658a9b43bc26c90a703
416c8ffa1a59d4cae68371a6582210d44fd0aa1539299bc807f345e08dbc0cef
45f1f66cfb80d923a5e409a98954336c91738d49a134c5f8bc27320ac8da7051
595fb68d990f8c2e7bcec5e642df9b00666e8932c8721b804b11e4b9d83d4e55
67a320f0858d2b69a4b78e20c96dab6b79c5c6d62669a6ff1a7c02766d85eeab
748946db8a26d574fca067204deb081d499be5e0725191015f5ddde35efd7382
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
808ebf38c291dc03ea969d5b2c24c3e8269b65e930effd0dc6a88ce25ab86cc0
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
8472c71a24e643998f9cb4c6c56045ea4ddad599644e83c6888bcd72daa3afc6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c0a0cd310cd3e63daa90db8e11dc291a4f9bdd30feb8f57a2e0460294282df9
93083abe04ab3fbb73e14133bee0a85d867e8a91662e3cbd6d3ea48bb51117f3
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95df2aad4647b6fb6d81c46c1c427edbfc504b9c585da7048ef26b2f70d8fffc
99bdabb19d46120c330ec9c62e232dd6f246c3aa0d221e2cbe6d394f9f54e583
9f5ca400ce72c63158992055cbefc875c114e2e01b14bcb576129f9035216fb1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6090802679c15b06a6c39e0524ab65fe34cf52cdb53feb18e44659443fa445a
a7bcc86aebdb7ded153ab87afbd54a5ad423f5eb4d0efa51d4031e7e208f2668
b0a29af6abd7b7399baf0fa46d962bb273efa7d70042d7fbbaa64948c6025f9b
c50ea820fcf5b6a29e3b03d92abb22ca9322d98814d4b6ae36475acb2d5ce4ab
cc0e0dc8b4c0fa856382e562030f5ca48bd27279e85e3404d4e252d4a06fb0ee
cffe3708d2757fd887e72aa6b630a3b71a08c28e4f09beda54a56cd407080f71
d115c05ada31d4a93ce0a48a78c17c3751371bac39e3b27bd2b759d770d52d77
d3346607515f82252ecec643066b1e67c5a0c6eb2e0bd9abdba7a711af9aa135
d5cbc006636c864bd64231498383cbae42991879fbefca498aaad8346035cf8f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de37a8ced3c2cbbb8703819bf19497c39572df574bef15407936bd3f60cc24f5
df51e734964f2788e361eb359ef45bdf28dc085a009a6706975fc23c27ef1613
e4ae390cdf7904ff153632350f49351cb588a4367288594a25d526b662d001b7
e5b0186a5bb9858f730ed0311c9d5bc7826cf8ce3d49ce97010b335888963917
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3825e3750cb454f8213f80b888a05d05c0948f22a75f8316e15cbb91ce40541
f8c07159630037d681b24f395800599f85865ef961db8f1c1983f50adfcbdb72
fded19f097af31234d27f43f1df5a4663935fda6f64c8ca92dd103f28ed627d4

save-hens.safe.org.nz Open in urlscan Pro 2a09:8280:1:9169:525:6faf:8a6f:9ab1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

96 %HTTPS

93 %IPv6

13 Domains

15 Subdomains

15 IPs

4 Countries

1607 kBTransfer

4167 kBSize

5 Cookies

1 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

save-hens.safe.org.nz Open in urlscan Pro
2a09:8280:1:9169:525:6faf:8a6f:9ab1 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

96 %
HTTPS

93 %
IPv6

13
Domains

15
Subdomains

15
IPs

4
Countries

1607 kB
Transfer

4167 kB
Size

5
Cookies

51 HTTP transactions
2 data transactions