www.planusa.org Open in urlscan Pro
2606:4700:3037::6815:4da4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.email.planusa.org/?qs=2859b56e8bd90622ed957873fc96328b7d678dac8bbf08ea6af7255d6002bb1ca9f427629050a817e3077a8b8f75...
Effective URL:
https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=No...
Submission: On January 20 via api (January 20th 2022, 2:29:40 am UTC) from US — Scanned from DE

Summary HTTP 113 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 25 domains to perform 113 HTTP transactions. The main IP is 2606:4700:3037::6815:4da4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.planusa.org. The Cisco Umbrella rank of the primary domain is 862345.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 10th 2021. Valid for: a year.

This is the only time www.planusa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.18.12 13.111.18.12	22606 (EXACT-7) (EXACT-7)
32	2606:4700:303... 2606:4700:3037::6815:4da4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	52.216.207.171 52.216.207.171	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
1	151.101.65.131 151.101.65.131	54113 (FASTLY) (FASTLY)
7	2.16.186.242 2.16.186.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	93.184.220.42 93.184.220.42	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6811:e04e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.4.69 108.157.4.69	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	108.157.1.118 108.157.1.118	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
3	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:a200:d:87ae:bb80:21	16509 (AMAZON-02) (AMAZON-02)
2 4	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	34.96.127.16 34.96.127.16	15169 (GOOGLE) (GOOGLE)
5	138.197.61.175 138.197.61.175	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
113	34

1 13.111.18.12 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.s10.exacttarget.com

click.email.planusa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:3037::6815:4da4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.planusa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.187.169.47 (Frankfurt am Main, Germany) 2 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files1.cybba.solutions	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.216.207.171 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

planusa-org-staging.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

9879419.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.131 (United States)

ASN54113 (FASTLY, US)

2e07d875b89549cf92917817c484f293.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.186.242 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-242.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 93.184.220.42 (London, United Kingdom)

ASN15133 (EDGECAST, US)

static.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e04e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.69 (United States)

ASN16509 (AMAZON-02, US)

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:a200:d:87ae:bb80:21 (United States)

ASN16509 (AMAZON-02, US)

d2rp1k1dldbai6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.15 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.127.16 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 16.127.96.34.bc.googleusercontent.com

knrpc.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.197.61.175 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

app.cybba.solutions	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	planusa.org 1 redirects click.email.planusa.org www.planusa.org — Cisco Umbrella Rank: 862345	2 MB
13	olark.com static.olark.com — Cisco Umbrella Rank: 12806 knrpc.olark.com — Cisco Umbrella Rank: 13445 api.olark.com — Cisco Umbrella Rank: 14605 log.olark.com — Cisco Umbrella Rank: 13907	451 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1300	123 KB
7	doubleclick.net 1 redirects 9879419.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	5 KB
6	cybba.solutions files1.cybba.solutions — Cisco Umbrella Rank: 32860 app.cybba.solutions — Cisco Umbrella Rank: 32778	26 KB
5	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 404 ib.adnxs.com — Cisco Umbrella Rank: 241	5 KB
5	clarity.ms 1 redirects h.clarity.ms — Cisco Umbrella Rank: 2241 c.clarity.ms — Cisco Umbrella Rank: 917	24 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	65 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5557	693 B
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 385 c.bing.com — Cisco Umbrella Rank: 273	12 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	221 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1531 insight.adsrvr.org — Cisco Umbrella Rank: 624	3 KB
3	amazonaws.com planusa-org-staging.s3.amazonaws.com	1 MB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	30 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	427 B
2	ubembed.com 2e07d875b89549cf92917817c484f293.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 10642	50 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	113 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	7 KB
2	rawgit.com 2 redirects cdn.rawgit.com — Cisco Umbrella Rank: 8219	1 KB
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6473	438 B
1	cloudfront.net d2rp1k1dldbai6.cloudfront.net	20 KB
1	fonts.net fast.fonts.net — Cisco Umbrella Rank: 2989	604 B
1	rtb123.com www.rtb123.com — Cisco Umbrella Rank: 19071	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
113	25

	Domain	Requested by
32	www.planusa.org	www.planusa.org
10	static.olark.com	www.planusa.org srcdoc static.olark.com
7	analytics.tiktok.com	www.planusa.org analytics.tiktok.com
5	app.cybba.solutions	files1.cybba.solutions
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.planusa.org
4	secure.adnxs.com	2 redirects www.planusa.org
4	www.google.de	www.planusa.org
4	www.google.com	www.planusa.org
4	www.googletagmanager.com	www.planusa.org www.googletagmanager.com www.rtb123.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	h.clarity.ms	bat.bing.com h.clarity.ms
3	9879419.fls.doubleclick.net	1 redirects www.googletagmanager.com www.planusa.org
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.planusa.org
3	planusa-org-staging.s3.amazonaws.com	www.planusa.org
2	insight.adsrvr.org	js.adsrvr.org
2	c.clarity.ms	1 redirects www.planusa.org
2	www.googleadservices.com	www.googletagmanager.com
2	www.facebook.com	www.planusa.org
2	connect.facebook.net	www.planusa.org connect.facebook.net
2	cdn.jsdelivr.net	www.planusa.org
2	cdn.rawgit.com	2 redirects
1	ib.adnxs.com	d2rp1k1dldbai6.cloudfront.net
1	log.olark.com
1	api.olark.com	static.olark.com
1	pro.ip-api.com	files1.cybba.solutions
1	knrpc.olark.com	static.olark.com
1	files1.cybba.solutions	www.rtb123.com
1	d2rp1k1dldbai6.cloudfront.net	www.rtb123.com
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.adsrvr.org	www.planusa.org
1	adservice.google.com	9879419.fls.doubleclick.net
1	assets.ubembed.com	2e07d875b89549cf92917817c484f293.js.ubembed.com
1	fast.fonts.net	www.planusa.org
1	2e07d875b89549cf92917817c484f293.js.ubembed.com	www.googletagmanager.com
1	www.rtb123.com	www.planusa.org
1	fonts.googleapis.com	www.planusa.org
1	click.email.planusa.org	1 redirects
113	38

This site contains links to these domains. Also see Links.

Domain
planusa.org
www.facebook.com
www.twitter.com
www.instagram.com
twitter.com
www.youtube.com
www.tiktok.com
www.charitynavigator.org
give.org
www.guidestar.org
greatnonprofits.org
planusa-org-staging.s3.amazonaws.com
constructive.co

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-10` - `2022-10-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-29` - `2022-01-27`	3 months	crt.sh
www.rtb123.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-09` - `2022-02-10`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
s2.wac.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-09` - `2022-11-30`	a year	crt.sh
assets.ubembed.com Amazon	`2021-03-06` - `2022-04-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
files1.cybba.solutions R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
*.olark.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-20` - `2022-10-21`	a year	crt.sh
*.cybba.solutions Sectigo RSA Domain Validation Secure Server CA	`2021-06-15` - `2022-07-16`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Frame ID: 53A3FEB63943A43F6DBD6F625B90803F
Requests: 102 HTTP requests in this frame

Frame: https://9879419.fls.doubleclick.net/activityi;dc_pre=CPyGtK-kv_UCFcw14AodAQ0LOw;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=1825221735.1642645775;u7=%2Fblog%2Ftop-10-blog-posts-of-2021%2F;ps=1;~oref=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField
Frame ID: 662EC188867846D2D41E72D23CEA16C4
Requests: 2 HTTP requests in this frame

Frame: https://static.olark.com/jsclient/app.js
Frame ID: 2FD78794C130D9965155595D29E34009
Requests: 7 HTTP requests in this frame

Frame: https://static.olark.com/jsclient-bucket5/storage.html?v=1639596023950
Frame ID: C8EAB970C4B81D0364FC0815D2508CE9
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B6B0CAEDD348C9A3DB878542BFFAEE31
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2mlbed5&ref=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&upid=3gs34vr&upv=1.1.0
Frame ID: 243A0AACADB61B149041459E775481AD
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4toff13&ref=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&upid=16dhzbf&upv=1.1.0
Frame ID: FC7D0103252410D31CD951B9D4CB6F11
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top stories of 2021 Plan USA supporters loved most | Plan USARequired AsteriskRequired AsteriskRequired AsteriskOlark launch button clip path

Page URL History Show full URLs

http://click.email.planusa.org/?qs=2859b56e8bd90622ed957873fc96328b7d678dac8bbf08ea6af7255d6002bb1ca9f42762... HTTP 302
https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

113
Requests

96 %
HTTPS

44 %
IPv6

25
Domains

38
Subdomains

34
IPs

6
Countries

4421 kB
Transfer

10270 kB
Size

33
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://planusa.org/help-items/getting-started/
Title: Help center

Search URL Search Domain Scan URL

URL: https://planusa.org/projects/
Title: Our projects

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField6681&t=Top%2010%20blog%20posts%20of%202021

Search URL Search Domain Scan URL

URL: http://www.twitter.com/intent/tweet?url=https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField6681&via=&text=https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField6681

Search URL Search Domain Scan URL

URL: https://www.instagram.com/plan_usa/?hl=en

Search URL Search Domain Scan URL

URL: https://www.facebook.com/planusa

Search URL Search Domain Scan URL

URL: https://twitter.com/PlanUSA

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/PlanUSAvideos/videos

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@planusa?lang=en%E2%80%A9

Search URL Search Domain Scan URL

URL: https://www.charitynavigator.org/index.cfm?bay=search.summary&orgid=4337

Search URL Search Domain Scan URL

URL: https://give.org/charity-reviews/national/Relief-and-Development/Plan-International-USA-in-Warwick-ri-28092

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/13-5661832

Search URL Search Domain Scan URL

URL: https://greatnonprofits.org/org/plan-international-usa-inc

Search URL Search Domain Scan URL

URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2022/01/FreedomFromHarassment-2.pdf
Title: Freedom From Harassment Policy

Search URL Search Domain Scan URL

URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2022/01/TraffickingInPersons-2.pdf
Title: Trafficking in Persons Policy and Compliance Plan

Search URL Search Domain Scan URL

URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2022/01/CodeofEthicsandConduct-2.pdf
Title: Code of Ethics and Conduct

Search URL Search Domain Scan URL

URL: https://constructive.co/
Title: Constructive

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.email.planusa.org/?qs=2859b56e8bd90622ed957873fc96328b7d678dac8bbf08ea6af7255d6002bb1ca9f427629050a817e3077a8b8f75b1d4ee1130f300e52d9b89134a5bf5cae3f1 HTTP 302
https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cdn.rawgit.com/michalsnik/aos/2.1.1/dist/aos.css HTTP 301
https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.css

Request Chain 27

https://9879419.fls.doubleclick.net/activityi;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=1825221735.1642645775;u7=%2Fblog%2Ftop-10-blog-posts-of-2021%2F;ps=1;~oref=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField HTTP 302
https://9879419.fls.doubleclick.net/activityi;dc_pre=CPyGtK-kv_UCFcw14AodAQ0LOw;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=1825221735.1642645775;u7=%2Fblog%2Ftop-10-blog-posts-of-2021%2F;ps=1;~oref=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField

Request Chain 47

https://cdn.rawgit.com/michalsnik/aos/2.1.1/dist/aos.js HTTP 301
https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.js

Request Chain 71

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=362031EC7C3B47BCA85A203DFA137A7A&RedC=c.clarity.ms&MXFR=044FD0A5E77E6D9F35FAC197E37E63EB HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=362031EC7C3B47BCA85A203DFA137A7A&MUID=2B247F05AF496A0B08DB6E37AE9B6B72

Request Chain 78

https://secure.adnxs.com/seg?add=20952558&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20952558%26t%3D2

Request Chain 79

https://secure.adnxs.com/px?id=1222827&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1222827%26t%3D2

113 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.planusa.org/blog/top-10-blog-posts-of-2021/
Redirect Chain

http://click.email.planusa.org/?qs=2859b56e8bd90622ed957873fc96328b7d678dac8bbf08ea6af7255d6002bb1ca9f427629050a817e3077a8b8f75b1d4ee1130f300e52d9b89134a5bf5cae3f1
https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

146 KB
52 KB

1443ms
1400ms

Document
text/html

2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca2a81a98d38979cbeebf9c79e0b16e16a38790d2760dc866646f3e603aeb6b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
content-type: text/html; charset=UTF-8
x-pingback
link: <https://www.planusa.org/wp-json/>; rel="https://api.w.org/", <https://www.planusa.org/?p=6681>; rel=shortlink
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0E92PX07RIO5PclH5qGSibiBsoCnhODTOuJsIocJkaFLqdnaTc6%2BCbSt0G%2BCL18%2F%2BigR%2BNM2%2Bm7kTsKp1w%2F4OeafI3qdHucQyeWkekL08vsoEuN4LIBlKR4YhpE8o1kmdUU6AhO%2Bx60yYd9XTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d04e0329d4083a9-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Date: Thu, 20 Jan 2022 02:29:32 GMT
X-Cnection: close
Content-Length: 264

GET
H2 200 styles.css
www.planusa.org//app/plugins/contact-form-7/includes/css/ 2 KB
1 KB 25ms
24ms Stylesheet
text/css 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org//app/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517
cf-polished: origSize=2630
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 15:39:14 GMT
server: cloudflare
etag: W/"a46-5d4ebac240c80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaH4kaRwqKo0RoTkH9%2BnIEpFSfi6Hsev5tZ%2BRNhatXWCPIgox9IkhvlEe9LxeUmwLerfOvu5c%2Bw32Op3OHXdn6mecQg%2B4OdRl1n0WmmTaDyc%2FiR1zXGNXNt4GCk500zuW2gRrbHRZ4vCdSsdgKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6d04e03b793e83a9-MXP
cf-bgj: minify

GET
H2 200 main.css
www.planusa.org//app/themes/planusa/dist/styles/ 2 MB
168 KB 30ms
30ms Stylesheet
text/css 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcff0a0ce2e020657abcc4eb811920cb99fd387a06c3548d9ec10c42e6a0fb6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: W/"1b997d-5d4ebb378e140-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FA1Hvd%2F%2Bf91JLpqHkVb6%2FgNsesSqhPoNk4XbNH3CgzXHrApEpPrmFD352iph9x%2B1lca5j4PZuwZGTokLBcCI4O7%2BRSqyEn7FIJHpvNlTjyZLtDgb39iMFdnObHu09scd1sOl2OfXGxvTi9te40%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6d04e03b794283a9-MXP
cf-bgj: minify

GET
H2

200

aos.css
cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/
Redirect Chain

https://cdn.rawgit.com/michalsnik/aos/2.1.1/dist/aos.css
https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.css

25 KB
2 KB

66ms
30ms

Stylesheet
text/css

2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.css

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f60551109a5502a1fb601b2b16872fef5232e7f92bac1c3b779a75e819d3f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7450673
x-jsd-version: 2.1.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19163-FRA, cache-mxp6983-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"657f-JPG3KrqqrRZx4J3G/yvsAP326KE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6d04e03cd8f359ad-MXP

Redirect headers

date: Thu, 20 Jan 2022 02:29:34 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 756
age: 43517
access-control-expose-headers: *
x-cache: MISS, HIT
cdn-cachedat: 01/20/2022 03:29:34
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 95
server: BunnyCDN-DE1-756
x-served-by: cache-fra19164-FRA, cache-pwk4947-PWK
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-requestpullcode: 301
location: https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.css
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
cdn-cache: EXPIRED
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: adbe7134d59844102f35e14541ea6599
timing-allow-origin: *
cdn-requestcountrycode: GB
cdn-status: 301
cdn-requestpullsuccess: True

GET
H3 200 invisible.js Show response
www.planusa.org/cdn-cgi/challenge-platform/h/b/scripts/ 44 KB
16 KB 41ms
40ms Script
text/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6934bf0c9473cac4af9fe31a48aa89cbf12b77423974582b6b7cbeb6bd3b565c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2F3Ok99rNJu6gBYtHqgsSHqgLit9e2adm6j4BgcztnTXNPQUeZPaFIAnsOBs05MIdQNkk35a710X2ikr3eFoOwD2dpAdYdAMYCusR1X93t5dWZhNLG3tRZJ5qL9P6LH4Gxu0vY7F%2BrHpQQbiSRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6d04e03be919e907-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.planusa.org
URL: https://www.planusa.org//app/themes/planusa/dist/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 02:27:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 Jan 2022 02:29:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jan 2022 02:29:34 GMT

GET
H3 200 plan-usa-girls-boys-children-poverty-news-philanthropy-sponsor-default-image.jpg
www.planusa.org//app/themes/planusa/dist/images/general/ 65 KB
65 KB 23ms
23ms Image
image/jpeg 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planusa.org//app/themes/planusa/dist/images/general/plan-usa-girls-boys-children-poverty-news-philanthropy-sponsor-default-image.jpg
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3990a01f0ae51cf44ecddcf8bb0ec67f1f958d90c7bd209abcbd4597132ca62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66276
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: "102e4-5d4ebb378e140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGR%2FYTHa3R4Xfc3rtUf6kYPKLpFPeGr0JcivzwrEmPGwv%2BjzfmjaJeJYXVYDffw%2Bw1tIoCeFoepLl4k6319KvyLcrbm0ajsrS7lfmdqgJd0aVkFATXvLxuvq3We8Tkvlz%2FZDj0DU6qNKeZKVeOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04e03c4951e907-MXP

GET
H3 200 splotch-peach.png
www.planusa.org//app/themes/planusa/dist/images/general/ 451 KB
451 KB 22ms
22ms Image
image/png 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planusa.org//app/themes/planusa/dist/images/general/splotch-peach.png
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb03f58b57894b8d2c5d6dd9290672a859818c86d797741719234b300d65131c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 461545
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: "70ae9-5d4ebb378e140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezKJHUWojiamspwGcKY66B3Fn7AjUlg8wVO3%2FXCcAWiLdPJrXgiYCwqWJoiluCJKP5QEfZRIJTmkzZxx8v6iwQvkeukPtS5duKSip0V3fTLoDrwQivv5XDg9QgobAiWAAxXrKO1%2FDQ0YVxbWNNE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04e03ca96ee907-MXP

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 248 KB
82 KB 69ms
40ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0e64e7389bf34076b914587707d7e5f2be8bbec920c24cf5387f338504b3004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83278
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 00:28:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jan 2022 02:29:34 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 488f0037e7d36e54fa24655cd5294b223ac6444638065d5fb8a883c78ef4042a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 menu_icon.jpg
www.planusa.org/app/themes/planusa/resources/assets/images/general/ 160 KB
160 KB 22ms
22ms Image
image/jpeg 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planusa.org/app/themes/planusa/resources/assets/images/general/menu_icon.jpg
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36aa72c2e9a35811b1021156761155c5093b3b01abc1f411f155d4a8d16c9497

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 163612
last-modified: Thu, 06 Jan 2022 15:39:14 GMT
server: cloudflare
etag: "27f1c-5d4ebac240c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtPgsUZ8lC7ehecYWqvMgcuP0nWMtfp%2FfvRNuD98TWRNWdNHMKOhX0v4SKG%2Fa0zq9OIccK4%2B%2FMM0Z7BzelwnJxbrBGLT9LUOojV22XlFrhTKMBW%2Fiwt7tKXbDPW7uSmLm%2FBLpQ6mFmvzLC7n0No%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04e03d399be907-MXP

GET
DATA 200
OK truncated
/ 805 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 857ad2091f006457a9430c0d437a96ffe6d7d7b75a2aa898a6e169d10ad4256d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 PLAN-blue-hero-simple-background.jpg
www.planusa.org//app/themes/planusa/dist/images/hero-simple/ 190 KB
190 KB 39ms
38ms Image
image/jpeg 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planusa.org//app/themes/planusa/dist/images/hero-simple/PLAN-blue-hero-simple-background.jpg
Requested by: Host: www.planusa.org
URL: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a651d51f9499db4554f70fb1357cf359709c7364b76463a57285905221bca9f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 194284
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: "2f6ec-5d4ebb378e140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5P7mZOqZO2XILhQpUjI%2FFQrUleZQM7KUsEG4lBns7U2Ww8g2bioKOZ70iFM7aoF2ZKpazk2jBIRPFJbAbu7GwiCZdmCx6sfQGfa4ek2Jm33igpfIhX94eqVKHddlSozivuhtjcMGouJaUwDx0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04e03d49a2e907-MXP

GET
H3 200 PLAN-blue-hero-simple-background-top.jpg
www.planusa.org//app/themes/planusa/dist/images/hero-simple/ 53 KB
54 KB 32ms
31ms Image
image/jpeg 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planusa.org//app/themes/planusa/dist/images/hero-simple/PLAN-blue-hero-simple-background-top.jpg
Requested by: Host: www.planusa.org
URL: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db0b2e67f36402964c31f7be721fb863d003ac28f335494b6c03a5d4b35328ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54517
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: "d4f5-5d4ebb378e140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzblA4gSW4yq4PFzbKC9rNKlerQQT6vDoLCjz2iE%2BoJzC1gId08eNfHe%2F1obocsd8edKTpe0uumlIy78INrLNb5eC%2FAGtU1DYVh2FGKUYEVBrg0KE93BC3GfT2Ea8phq82UZWdoL4sF4paLlr%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04e03d49a3e907-MXP

GET
H3 200 PLAN-blue-hero-simple-background-bottom.jpg
www.planusa.org//app/themes/planusa/dist/images/hero-simple/ 74 KB
75 KB 36ms
36ms Image
image/jpeg 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planusa.org//app/themes/planusa/dist/images/hero-simple/PLAN-blue-hero-simple-background-bottom.jpg
Requested by: Host: www.planusa.org
URL: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b564aaa156e5e9978268e0743f12da84710f3f9ba5d6174f89cb4393bcb1af9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76025
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: "128f9-5d4ebb378e140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDRuWPbtbneOjeF0RhiZUZFc2CxCfs8Ew9fDsrDUHPGYdide7DvbZyf0AESmjsIESM3LCrGaVz5Ci5kWWt2r1k9bjB2qeVnULIKzcZTbVClbaBnMo3W2fSEEIVcEBZa82b2LaZJ4qcNYvH%2BkaU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04e03d49a4e907-MXP

GET
H3 200 jagged-edge-white-off.svg
www.planusa.org//app/themes/planusa/dist/images/general/ 23 KB
11 KB 60ms
59ms Image
image/svg+xml 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planusa.org//app/themes/planusa/dist/images/general/jagged-edge-white-off.svg
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01ea7db745423cfd19bc3635e91f04dc38de06dd86ec06ce77c7fe5b81418a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: W/"5aa6-5d4ebb378e140-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQeKiCJTqF5FqKMwJCBnYulMzkyzM4PcpXlORxGgIvkqlD4vdBtxI5ZLTueqJBZk5toRaKEgfCPUnxs%2BeiBIpGNqXwd9qzX7a1JMSGi5slaGu4jOezlTv5voIf3GaUBCle7yuZfVXHhyeGcxnhE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6d04e03d49a5e907-MXP

GET
H3 200 jagged-edge.svg
www.planusa.org//app/themes/planusa/dist/images/general/ 23 KB
11 KB 59ms
59ms Image
image/svg+xml 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planusa.org//app/themes/planusa/dist/images/general/jagged-edge.svg
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98817c9af505be714bd9dd7c2ac619597eb181959f379743c01120156d591109

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: W/"5aa6-5d4ebb378e140-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHLZig7LotHdiFeD50MLKkAg39rZ4YhoqpJUEaqgudbQVl8oa17wka6FlDXGZ2BlBT98rcWOt3cp5hdtu%2Fhe4pwmXlUV8AHGy%2FLnGSZi7AUBVucKFIelfmBJFD15hNk2EAbk2aTLej9ooqoH7T4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6d04e03d49a6e907-MXP

GET
H3 200 800da3b0-675f-465f-892d-d76cecbdd5b1.woff2
www.planusa.org//app/themes/planusa/dist/fonts/5664150/ 27 KB
27 KB 60ms
60ms Font
font/woff2 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org//app/themes/planusa/dist/fonts/5664150/800da3b0-675f-465f-892d-d76cecbdd5b1.woff2
Requested by: Host: www.planusa.org
URL: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e7cf9a9f7bb1bbb6e732a1541b1d0f26f46cfda65e2098c2b2085e8ae1ccf52

Request headers

Referer: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Origin: https://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27472
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: "6b50-5d4ebb378e140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ew4yRFwSYxBJ75Qk5coy%2FjqrS4d3RSKvEkhcKAmBamixXGgm2NZGHMnlqvy1txzBSazihwIVLfLvFTG9nsHVv3T9ZohvmKzU8eE1AlJlvOZaKALTGfuf7UZjImfTykMsUkBj5jcAb2awWULs5qQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04e03d49aae907-MXP

GET
H3 200 FreightTextBook.ttf
www.planusa.org//app/themes/planusa/dist/fonts/ 125 KB
47 KB 62ms
62ms Font
font/ttf 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org//app/themes/planusa/dist/fonts/FreightTextBook.ttf
Requested by: Host: www.planusa.org
URL: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a20cd460709095cb95769f66d91eba8bbb81e61d45cd79cce981eb3a5f2a057e

Request headers

Referer: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Origin: https://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: W/"1f540-5d4ebb378e140-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7crPdP%2F9AuH4kUER1YL3fMzVsbzTjQj3SgV510lLYR1V1M3MdcnjzLbfQsm12JYJeRxJ8WtwEQ40HY%2FLV1ZVvxix12Q7ZaanDSU7egLdJqBoSnyrWH6s%2BogZihZ8FPiVys4Zqkm8Gkl7GAAHDpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 6d04e03d49ade907-MXP

GET
H3 200 veneercleanreg-webfont.woff2
www.planusa.org//app/themes/planusa/dist/fonts/ 14 KB
15 KB 68ms
67ms Font
font/woff2 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org//app/themes/planusa/dist/fonts/veneercleanreg-webfont.woff2
Requested by: Host: www.planusa.org
URL: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a0bd74072c70519c01e1e224b71681e4515e1fc79d4a4c09f63060cb2f0dbd

Request headers

Referer: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Origin: https://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14420
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: "3854-5d4ebb378e140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVLqywDqhFimMVsBz%2FlFOEsMvAYxtVc5TWRaJz3xcxnESA2IOa0T4hhhks%2FcOpwRDrWCQFDD6ZnGFmkFuQNwsMBweglHvtOGalksVTpcfkShdr9s68t766K3VFu%2BaYLw5vYxf8abtIiac4m9XzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04e03d49aee907-MXP

GET
H3 200 f2f49a5e-567d-4dfa-8152-c28c8f60c84e.woff2
www.planusa.org//app/themes/planusa/dist/fonts/5663763/ 26 KB
27 KB 69ms
68ms Font
font/woff2 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org//app/themes/planusa/dist/fonts/5663763/f2f49a5e-567d-4dfa-8152-c28c8f60c84e.woff2
Requested by: Host: www.planusa.org
URL: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96ca8021c420d64c7a5cd71509940586c77d3e129acd6e52e780033da10ef5c

Request headers

Referer: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Origin: https://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26980
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: "6964-5d4ebb378e140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvbjiQMXD2MKWMbvYtps2BRc1r6rOPc1nD8rYWUOplay%2FY%2F8%2BW4%2BkLMPFbClfbmuWZTXjSKb4T3Z6wcyeMlSZFhD%2BoAMyqNBNSANXKZGpIZE0%2BUivnpj4DoUXC0OJu9mA7P4PLV88brcNv%2B6y3s%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04e03d49afe907-MXP

GET
H3 200 08b57253-2e0d-4c12-9c57-107f6c67bc49.woff2
www.planusa.org//app/themes/planusa/dist/fonts/5664093/ 28 KB
29 KB 72ms
72ms Font
font/woff2 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org//app/themes/planusa/dist/fonts/5664093/08b57253-2e0d-4c12-9c57-107f6c67bc49.woff2
Requested by: Host: www.planusa.org
URL: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b889c3ba20d61a1dbf81230dcb46989cb433fe33926fbc2da19db0be3279581f

Request headers

Referer: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Origin: https://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28856
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: "70b8-5d4ebb378e140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNVZNBUtLD6xl3O8pgC2KWug49EFxz5swanwpf8DjnABEQeS1S7iiY3tyesuMMiFw2QYjv2OOVQhjjF%2B2MZjUv%2B%2FSzLFqXo5w1eHgKRPzg9Oycw%2BJvdWqd9jN9GfK6QEb7N9u7eXGhxsZe84q3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04e03d49b1e907-MXP

GET
H3 200 f9c5199e-a996-4c08-9042-1eb845bb7495.woff2
www.planusa.org//app/themes/planusa/dist/fonts/5664085/ 28 KB
29 KB 75ms
75ms Font
font/woff2 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org//app/themes/planusa/dist/fonts/5664085/f9c5199e-a996-4c08-9042-1eb845bb7495.woff2
Requested by: Host: www.planusa.org
URL: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 272c08ccba5f883006400f7d490a1393f8114e239b97043e0d2d018a257ca368

Request headers

Referer: https://www.planusa.org//app/themes/planusa/dist/styles/main.css
Origin: https://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28636
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: "6fdc-5d4ebb378e140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLlN8fAGtCTRq%2BEFVOkKWY91w3kVZtr3YLcccDeD5Vq%2FKaSZrQR1Lg9rQ8gsCbFgV4ou6N4mWXIZSwmblyqaupHJKE6kHi%2FEfyGjSXm8xKDI%2BOq3nENtWDeFyK%2FBXYOlibq9W20PGzIuVMH%2Bzbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04e03d49b2e907-MXP

GET
H/1.1 200
OK 0202106-BGD-53-1.jpg
planusa-org-staging.s3.amazonaws.com/public/uploads/2022/01/ 772 KB
773 KB 499ms
149ms Image
image/jpeg 52.216.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2022/01/0202106-BGD-53-1.jpg
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.207.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 74268272e52e8c1c81d9966394f240d1c28379ac8864b74e70a0bbf4452bc2c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:36 GMT
Last-Modified: Wed, 19 Jan 2022 17:30:27 GMT
Server: AmazonS3
x-amz-request-id: SXD3S91J484C8VMM
ETag: "511a572980e3f5b29372971bbd6b734e"
Content-Type: image/jpeg
x-amz-version-id: ixOIJ8ibSjJMyHqEdRT4movG67fnXxvG
Accept-Ranges: bytes
Content-Length: 790886
x-amz-id-2: FaOYYphgXhXGd6drg4xCQuWR0YPRkgiOMkv/s9DdVHIsoBo7FQFm08vu0kJQ1ktaKwDMK4bac9s=

GET
H/1.1 200
OK MicrosoftTeams-image-2.jpg
planusa-org-staging.s3.amazonaws.com/public/uploads/2022/01/ 462 KB
462 KB 475ms
126ms Image
image/jpeg 52.216.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2022/01/MicrosoftTeams-image-2.jpg
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.207.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c00fa402ce3c17d2691562e19c2ad202f9b74d67f9a273a0837db4b7e4a5fa13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:36 GMT
Last-Modified: Wed, 19 Jan 2022 16:41:00 GMT
Server: AmazonS3
x-amz-request-id: SXD18JEV99CFX01V
ETag: "66190923ebd650225eb6b0faf7b07e27"
Content-Type: image/jpeg
x-amz-version-id: 4S8H80J096c1qaN8JePHSmwfj06ZfqFC
Accept-Ranges: bytes
Content-Length: 472667
x-amz-id-2: CdcT7r0TpsqPdwkoNZrfi1fGiXJWbTHyDkexPqvc8C6HPvauam9UZZrTzVP7iKV553cVwHYLEzA=

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 38ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P02S4VE0VS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd65fb0735b703dfbf0aa574013d96df17fa1e6f9b0490224187dfb129e3c7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62540
x-xss-protection: 0
expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5309
date: Thu, 20 Jan 2022 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 20 Jan 2022 03:01:06 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 52ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:34 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0288A030CB124BBABBB52B9FCEA8BC19 Ref B: FRAEDGE1213 Ref C: 2022-01-20T02:29:35Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H3

200

activityi;dc_pre=CPyGtK-kv_UCFcw14AodAQ0LOw;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=1825221735.1642645775;u7=%2Fblog%2Ftop-10-blog-posts-of-2021%2F;ps=1;~oref=https... Show response
9879419.fls.doubleclick.net/ Frame 662E
Redirect Chain

https://9879419.fls.doubleclick.net/activityi;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=1825221735.1642645775;u7=%2Fblog%2Ftop-10-blog-posts-of-2021%2F;ps=1;~oref=htt...
https://9879419.fls.doubleclick.net/activityi;dc_pre=CPyGtK-kv_UCFcw14AodAQ0LOw;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=1825221735.1642645775;u7=%2Fblog%2Ftop-10-bl...

571 B
441 B

51ms
30ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9879419.fls.doubleclick.net/activityi;dc_pre=CPyGtK-kv_UCFcw14AodAQ0LOw;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=1825221735.1642645775;u7=%2Fblog%2Ftop-10-blog-posts-of-2021%2F;ps=1;~oref=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

5dd97c4cf618116a04c7ca06deb2dc63f15dd980e4ceb6de7ac25e51db77e74d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jan 2022 02:29:35 GMT
expires: Thu, 20 Jan 2022 02:29:35 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 416
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jan 2022 02:29:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9879419.fls.doubleclick.net/activityi;dc_pre=CPyGtK-kv_UCFcw14AodAQ0LOw;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=1825221735.1642645775;u7=%2Fblog%2Ftop-10-blog-posts-of-2021%2F;ps=1;~oref=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26187
x-xss-protection: 0
pragma: public
x-fb-debug: 2VWeoZNbQajhBUX6iPTBlgd8qfXX0oikLDv4T4e4aB9txBdSKK/C80U+BDq+yeO6HbRGdC9ldmtxQhpM71mvYw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 20 Jan 2022 02:29:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 btp.js Show response
www.rtb123.com/tags/F252B1AF-720F-7E91-A7FC-2C1CC8587E1A/ 6 KB
2 KB 348ms
112ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/F252B1AF-720F-7E91-A7FC-2C1CC8587E1A/btp.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6ff81a1d1383d77bf6e6c307a02105b2b7f0dedcade233d203e6f8975266043d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 16:45:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "07b5a78425d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2072

GET
H2 200 / Show response
2e07d875b89549cf92917817c484f293.js.ubembed.com/ 8 KB
2 KB 63ms
21ms Script
application/json 151.101.65.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://2e07d875b89549cf92917817c484f293.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a187aae0b7f37cbca641fd2a627c8b6cf926828f7bdb6460d33e3f5ddf6a4e3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 516
etag: 3e9e5442845c7891f3ef36de2739ce13-v0.179.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: MXP64-C2
accept-ranges: none
x-amz-apigw-id: MOQJyGfMDoEF27A=

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 120 KB
35 KB 211ms
146ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV3UQRTD82FVM3BE8BI0
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 02b1d98819b55a56dc97a22a2c9e6e2a2a67c765e62afcd8f4945f6f96e0cfe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 96d89f6.481f1237
date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a72-247-190-61.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1642645775339687
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 107,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=128, origin; dur=2, inner; dur=0
content-length: 35032
pragma: no-cache
server: nginx
x-tt-logid: 2022012002293501011313523325F0DEB2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,72.247.190.61
x-tt-trace-host: 01560c7709e24fd19d65c59ef8100461f5ff5f7247e519d197d1c7eaba1aae4d02feaaa42e4ba5dc352b1869edf845c82dac22aa9c801b701187e5a79ef2b70406695d4573ffbc69ff0d9f97e0a608d535f0635f621408c3930e575076a45e79505720dd83e428f6924be7ef7f927a27d1
expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 120 KB
35 KB 231ms
167ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV40RRID4EIVEV2ITOB0
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c69b2064a720570d3f0fee1f024367c3393d1303989b1c629a611f12cab9c6d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 9846c14.481f1239
date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-221-225-70.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
upstream-caught: 1642645775340741
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 107,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=6, inner; dur=1
content-length: 35024
pragma: no-cache
server: nginx
x-tt-logid: 2022012002293501011300620900F10359
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.221.225.70
x-tt-trace-host: 01560c7709e24fd19d65c59ef8100461f5f130d2210f28d404b9f58c10e6d4b2047e54724329c915c74da3e548b39ef4031ef7ec19261bbea1d72d708a49614181b6b66c929354fdfbdabed2f792e3f8fcd2cf6f71c9e1a1dbd96961ba98208938cb12fe0b1e84f346db2e52f96776703f
expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H2 200 activityi;register_conversion=1;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=1825221735.1642645775;u7=%2Fblog%2Ftop-10-blog-posts-of-2021%2F;ps=1;~oref=https%3A%2F%2Fwww...
9879419.fls.doubleclick.net/ 0
0 37ms
17ms Image
text/html 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9879419.fls.doubleclick.net/activityi;register_conversion=1;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=1825221735.1642645775;u7=%2Fblog%2Ftop-10-blog-posts-of-2021%2F;ps=1;~oref=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField?
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 jquery.min.js Show response
www.planusa.org/wp/wp-includes/js/jquery/ 87 KB
32 KB 28ms
28ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org/wp/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
server: cloudflare
etag: W/"15db1-5d0725e454380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ox0cRkk6GQZ2nMvlg4OFhoMU%2BO8SoQ9oDTR6LeJq%2Bow0ibq4%2FQYbRGq05raXoaJpv6BjJ0oMlBsuiTMTKyD9A05Bky6G0wtdVfwnkYd3N5RwuFc440T5xl%2F1cP6KI5G7vm%2BElH4UzCSmayGfIcw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a40e907-MXP

GET
H3 200 jquery-migrate.min.js Show response
www.planusa.org/wp/wp-includes/js/jquery/ 11 KB
5 KB 27ms
26ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org/wp/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
server: cloudflare
etag: W/"2bd8-5d0725e454380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lje65MrbNHG%2BUqxi%2B6lsJHtArNFID88S01uG7RqhIAhSJ7PMi4CZKwYlBqnNJxErnVbJibIDJDjPIiYMGRsfGet4QOKkBPTSa209FBLmiibPoAJC%2FNCVoWTvO2gmK4CQdaU0uhKVb5PJ6tJhxjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a42e907-MXP

GET
H3 200 plan-contact-form.js Show response
www.planusa.org//app/plugins/plan-contact-forms/ 2 KB
1 KB 32ms
31ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org//app/plugins/plan-contact-forms/plan-contact-form.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd5b33af440ffa40f58cdafd7da626e38baa7dcbf5a0ef72c163d0938114bd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 15:39:14 GMT
server: cloudflare
etag: W/"8cf-5d4ebac240c80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXCv3brQ1I0NdHnvrdR5AFoeDI9EUNUsriLTVkB0jFRRT2DoYgpXJy0pmptdulATHkHr9334Y8M7a%2BTEMVIHwGVnJzaTWxwxcVXi9ovqHm5urKH3%2FxFHxwwfWpDVyiMoSZxzRAb2rsTViSfmsoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a43e907-MXP

GET
H3 200 regenerator-runtime.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/vendor/ 6 KB
3 KB 34ms
33ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org/wp/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
server: cloudflare
etag: W/"1906-5d0725e454380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jy%2FeoFc2xJ4W%2FUu%2F8JuvvXf9T7TruXNEoEMTBqMK7nas3irfg8xIB8uQs84lcIhqdvcCKoAdzKprg6%2BoiKNI9v9stJ4n4CNG3ycFGknjkW%2FyuI%2BxN8YN8dmU1ZMoNkMpvpuJZ9OIlK4vmPxO%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a44e907-MXP

GET
H3 200 wp-polyfill.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/vendor/ 16 KB
7 KB 33ms
32ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org/wp/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
server: cloudflare
etag: W/"4056-5d0725e454380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2YlMUDLpaF9KcLUZmV6%2F9fAajYbVZlyfMYzOMlNZf%2F8t2Iu5Ji5%2Brw81zSCguAab2HlS4PLNZvyj%2F2R3k1uaUZmLYDpdqHyPNDxX65b0RlZx%2BArAAc928uqXbYc48s1V9JwExr87h90TOJe5aI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a46e907-MXP

GET
H3 200 hooks.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/ 5 KB
2 KB 25ms
23ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org/wp/wp-includes/js/dist/hooks.min.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
server: cloudflare
etag: W/"1540-5d0725e454380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97CIh2A3QpVGsBtLo6mKvmWJfiBjOR7hj%2BEV9Off4q0Nt55wtPPUj4cEt%2B0O8rRMJJlk%2F9P%2BLZGxKZvfZuxqOIamY6BJBLDdu463fvMtlcxk0qEJVJxiijmEmDRpqOsOX7dQhXXdTrJ2DXCtRGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a47e907-MXP

GET
H3 200 i18n.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/ 10 KB
4 KB 26ms
25ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org/wp/wp-includes/js/dist/i18n.min.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
server: cloudflare
etag: W/"268a-5d0725e454380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVz2FtufAyR4inKKRyvDBLZjtFeWGMitNYzxwSgjXeoOX0Gfijos6kRSyoKf0BvFtiIsiGEp9mkjM2ti8Ckk0TlhShn2KzwhFA3FcRQwSUQgtrWnMSV4hwhsagSa6U9Onc3755TnJ0lNqE567hM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a48e907-MXP

GET
H3 200 lodash.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/vendor/ 71 KB
27 KB 33ms
31ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org/wp/wp-includes/js/dist/vendor/lodash.min.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
server: cloudflare
etag: W/"11d37-5d0725e454380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rc1mAE9Bm0nfETNQ7CvOUDu4xpVuCil1diLXV3rjZHEjKoaxxSoARl2XiWtoqRQsq0lIh0dVRWefUtc6k8cYmzEilK4ldtD%2BaP8YDCBwonkjtO6lRJZzppg2PjtVOz8pkpyQJR4RAswY%2Fq%2Fev7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a49e907-MXP

GET
H3 200 url.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/ 5 KB
2 KB 31ms
30ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org/wp/wp-includes/js/dist/url.min.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661ef2a25c5ddbb64b8819ebe4a078fa23e8eae9676f567e4138448ae685893f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
server: cloudflare
etag: W/"138a-5d0725e454380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuMHmZkrBPJ3rPdN3KGLoHRPza8GfT9ZIqlR2YBrgXN0r2voc4wg9eVK3zv6O6uPZjSrExBnZebarbKDEomt%2B2AjJO0pVtWuLp5DmkdSe2Ss20ld%2FSwASiBlQSD8pIjJdnsETI6v4TfXnkO9Ov0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a4ae907-MXP

GET
H3 200 api-fetch.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/ 6 KB
3 KB 29ms
27ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org/wp/wp-includes/js/dist/api-fetch.min.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dc89846fca2c8051e0c805735e48d3b31f23359dbd47f6b9c47b6ae41969236

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
server: cloudflare
etag: W/"167c-5d0725e454380-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7tKIgyZv1TVXRK8Lq7sz3zuUsWnvtN3cjmTHbYpLfvCj5orQPu4f8Jh8CCIt548XgBqXgt8H5GAraTY%2Fsf1n6sSRu%2B5inXs4vDBXdB9r6tXtg88P2gr%2BBjUg0qplwTPEujDk3hZAQSQkMUx5k0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a4be907-MXP

GET
H3 200 index.js Show response
www.planusa.org//app/plugins/contact-form-7/includes/js/ 11 KB
4 KB 29ms
28ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org//app/plugins/contact-form-7/includes/js/index.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 15:39:14 GMT
server: cloudflare
etag: W/"2ac2-5d4ebac240c80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8I9bEfP1YFe2Ih4cWW7v2tj%2B9qaPKCoV63Hvh4vqKaaU8z2DssyU7sMWI9wts23YOYrt0VVBuT5PAe8%2FgehBvyEfYBq9HyAzWNWDzQH08putRvqplr1mfe3bhM5afnVbOHlP9MQ7NR24qenNg6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a4ce907-MXP

GET
H3 200 mtiFontTrackingCode.js Show response
www.planusa.org//app/themes/planusa/dist/scripts/ 2 KB
1 KB 31ms
30ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org//app/themes/planusa/dist/scripts/mtiFontTrackingCode.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cef54b115861c341cbaf1ac0baa3bfc74d72e4154ea41815b88d81284a31b47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: W/"6b5-5d4ebb378e140-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzFXcoUfgNAuuo2l%2BNe1IpZb6rMGK1Y8yTaAHn%2BRtsJylH1VE%2BeM8UmS8N3XMuEPRZ9%2BKfUA75WGu%2FCnmqRsmmJRjra6wv6eVdd5hcW4ByGJYS2sMN461lnlNyqLltCnRqxxt%2B%2FFA1jNqdkbTfk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a4de907-MXP

GET
H3 200 main.js Show response
www.planusa.org//app/themes/planusa/dist/scripts/ 2 MB
510 KB 41ms
40ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org//app/themes/planusa/dist/scripts/main.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f60b7b366414177e5dd1097793aa4da5271bdd44388758781a33e9c25c87a48f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
server: cloudflare
etag: W/"1ce538-5d4ebb378e140-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bt2XRbhtoYG04IawIz07QL%2ByjgJZeT0VT6p3ilm%2Fk3SIPz09n%2BZef%2FC7kc2bf5LBo8ivV8AM7cT%2BaTIo%2FBnsaPtSPixoyaUIm70ugtQR2632jvyV5es3mNkWk%2BdLnOr9RCUaoRhSmwBxfL3i6sI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6d04e03f3a4ee907-MXP

GET
H3

200

aos.js Show response
cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/
Redirect Chain

https://cdn.rawgit.com/michalsnik/aos/2.1.1/dist/aos.js
https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.js

12 KB
5 KB

49ms
27ms

Script
application/javascript

2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.js

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fc3dc353e44ae364d1dc0ebf2b40e1118ca7b7c45c43b02844b6d57fe458bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7450926
x-jsd-version: 2.1.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19165-FRA, cache-mxp6961-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"309e-cpJskiPcspL2Qdrb/E/HvSfUzYw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6d04e0402fa7d600-MXP

Redirect headers

date: Thu, 20 Jan 2022 02:29:35 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 756
age: 71369
access-control-expose-headers: *
x-cache: MISS, HIT
cdn-cachedat: 01/20/2022 03:29:35
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 94
server: BunnyCDN-DE1-756
x-served-by: cache-fra19177-FRA, cache-pwk4941-PWK
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-requestpullcode: 301
location: https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.js
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
cdn-cache: EXPIRED
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: 4829b116b5f163675d75cb837ad4b92b
timing-allow-origin: *
cdn-requestcountrycode: GB
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 loader.js Show response
static.olark.com/jsclient/ 9 KB
3 KB 43ms
14ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/loader.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:22:52 GMT
server: ECS (frb/6772)
age: 7652
etag: W/"61ba408c-2227"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 3120
via: 1.1 google
expires: Thu, 20 Jan 2022 05:29:35 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 137 KB
45 KB 36ms
21ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5V4F57R&t=gtm4&cid=1575607743.1642645775

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffc637f1526ddd711276344f97fe80ecbd74e0c3dac6e1c9dea86dfd5cf5cb02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46457
x-xss-protection: 0
expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H3 200 1673850439538622 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 35ms
17ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1673850439538622?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05e7a6adde929e7d731550f9d3d957b6754e7a2bf2fb475794a6e5f74f6f61e9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88962
x-xss-protection: 0
pragma: public
x-fb-debug: nsqNNYbhNeFwvVKROtGex4H6DFfPU+5XQ3ECdQGMckjEAZOujtJw5BmD+fMWB6moRDMOjXxrGzb9Cgu3/PcGYw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 20 Jan 2022 02:29:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 25ms
25ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-P02S4VE0VS&gtm=2oe1c0&_p=52083696&sr=1600x1200&ul=en-us&cid=1575607743.1642645775&_s=1&dl=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&dt=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&sid=1642645775&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P02S4VE0VS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.planusa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1.css
fast.fonts.net/lt/ 0
604 B 70ms
36ms Stylesheet
text/css 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/lt/1.css?apiType=css&c=ea6359fa-853e-4937-aed5-a11449a9b2d1&fontids=5658415,5663763,5664085,5664089,5664093,5664098,5664111,5664150
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
cf-cache-status: HIT
age: 40009
cf-ray: 6d04e04039a95a25-MXP
content-length: 0
x-amz-id-2: V4xHz4Hf7voguO868VCBNxfXYbvKfV/wCLLLcOtPdOL1z1OdvGrUmMIVbhYGWM/glFWoTU6GzuU=
last-modified: Tue, 23 Mar 2021 12:59:56 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: DS0BYZFHZJ9DD6KD
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-amz-meta-mtime: 1361983047

GET
H2 200 28082325.js Show response
bat.bing.com/p/action/ 684 B
737 B 163ms
163ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/28082325.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f405d0985e656ec2876e3122b7c27a17b047660f9b303245a928c973acb12b4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:34 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C02CFC282F564493ADDAC6FEF2311318 Ref B: FRAEDGE1213 Ref C: 2022-01-20T02:29:35Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 586

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.1/ 173 KB
47 KB 32ms
11ms Script
application/javascript 108.157.4.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by: Host: 2e07d875b89549cf92917817c484f293.js.ubembed.com
URL: https://2e07d875b89549cf92917817c484f293.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 19:44:05 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:19:04 GMT
server: AmazonS3
age: 1233931
etag: W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: e55i_9qP94PoQ1ess-1A_DiOxV5lJyToXXfV36xJ_lGcqUGFKScq6A==

GET
H2 200 dc_pre=CPyGtK-kv_UCFcw14AodAQ0LOw;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=*;u7=%2Fblog%2Ftop-10-blog-posts-of-2021%2F;ps=1;~oref=https%3A%2F%2Fwww.planusa.org%2Fblo...
adservice.google.com/ddm/fls/z/ Frame 662E 42 B
494 B 100ms
78ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPyGtK-kv_UCFcw14AodAQ0LOw;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=*;u7=%2Fblog%2Ftop-10-blog-posts-of-2021%2F;ps=1;~oref=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField

Requested by

Host: 9879419.fls.doubleclick.net
URL: https://9879419.fls.doubleclick.net/activityi;dc_pre=CPyGtK-kv_UCFcw14AodAQ0LOw;src=9879419;type=allpages;cat=allpa0;ord=7879693603391;gtm=2wg1c0;auiddc=1825221735.1642645775;u7=%2Fblog%2Ftop-10-blog-posts-of-2021%2F;ps=1;~oref=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9879419.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 23ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1673850439538622&ev=PageView&dl=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&rl=&if=false&ts=1642645775451&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.1.1642645775450.1310870666&it=1642645775269&coo=false&exp=p1&rqm=GET

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 20 Jan 2022 02:29:35 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=52083696&t=pageview&_s=1&dl=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&ul=en-us&de=UTF-8&dt=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAEADQAAAAC~&jid=1211878469&gjid=1315526800&cid=1575607743.1642645775&tid=UA-634112-1&_gid=652525568.1642645775&_r=1&gtm=2wg1c0NCM2NF&z=911977151

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.planusa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 app.js Show response
static.olark.com/jsclient/ Frame 2FD7 55 KB
18 KB 6ms
6ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/app.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 506e190d894a15318bb3f0c60d700a21432f0e57275b9c3d8c44ef45f31b6674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:23:06 GMT
server: ECS (frb/6762)
age: 7898
etag: W/"61ba409a-dae7"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 18597
via: 1.1 google
expires: Thu, 20 Jan 2022 05:29:35 GMT

GET
H3 200 show Show response
www.planusa.org/cart/ 34 B
557 B 804ms
803ms Fetch
application/json 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planusa.org/cart/show
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0824e35cfc0209edf067d13c8776eefdb291ec4381ba18ffc7754bec8ed22197

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:36 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d04e040cac9e907-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMKQ4q7SeP3dcxZJUpeda9p6i9zca7pCwAZ%2B%2Bn0iWAh1xRLg9aXhVuapYsvSs9oNiM%2Fvck%2B2UjRToTe6ecYoD4MF%2BAXRJHdfivHVOky3fMB1Vz%2F1SuJKQ%2FC2zZm0usV9mNS4ka5YJ9toedyffWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 0
bat.bing.com/action/ 0
149 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=28082325&tm=gtm002&Ver=2&mid=4ce50dd7-7f6b-4f30-831f-01c9d097dbe6&sid=cee66700799811ec9bb9030c5122e5a1&vid=cee66f70799811ecbb3497b104f6944f&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&p=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&r=&lt=2575&evt=pageLoad&msclkid=N&sv=1&rn=22101
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1008D0A74D704ECE938B0E202563ECCA Ref B: FRAEDGE1213 Ref C: 2022-01-20T02:29:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 49ms
27ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14846
x-xss-protection: 0
server: cafe
etag: 1633785920527017951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 32ms
10ms Script
application/x-javascript 108.157.1.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 19 Jan 2022 16:07:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 81159
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P2
X-Amz-Cf-Id: 7VkkdXQ9CKps8VLRuAV0IvXBIWdfSK5cfj4mMzeRZAzExcScithEug==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 59ms
20ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-634112-1&cid=1575607743.1642645775&jid=1211878469&gjid=1315526800&_gid=652525568.1642645775&_u=aHDAAEACQAAAAC~&z=258795538

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 20 Jan 2022 02:29:35 GMT
content-type: text/plain
access-control-allow-origin: https://www.planusa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=52083696&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&ul=en-us&de=UTF-8&dt=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Google%20Optimize&ea=yqsK9vY5Qu-VypNcHgng5Q&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=1575607743.1642645775&tid=UA-634112-1&_gid=652525568.1642645775&gtm=2wg1c0NCM2NF&z=798679334

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jan 2022 21:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19166
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 146ms
146ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV3UQRTD82FVM3BE8BI0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 9bb8a6d.481f12e1
date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a72-247-190-102.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
upstream-caught: 1642645775663634
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 90,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=2, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2022012002293501011300615120F792EE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,72.247.190.102
x-tt-trace-host: 01560c7709e24fd19d65c59ef8100461f5ff5f7247e519d197d1c7eaba1aae4d0203be84a5bf99a5d3363cb363de9494a656496c267e005b03506a3cfde9627f9e2d5f75989ef971d37d976fbcf108808f0063c86fe98a9c390c2052315f3f1127ad8460bc4e5f58dd67d9e6630d300281
expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 131ms
131ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BV3UQRTD82FVM3BE8BI0&hostname=www.planusa.org
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV3UQRTD82FVM3BE8BI0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 765878db2008fd3751bb16c1189a6fbc4e72631a7b63e11729c2a75c386a63e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 29365cd2.481f12f9
date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-221-225-86.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1642645775700924
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 91,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=9, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2022012002293501011300622114F53E56
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.221.225.86
x-tt-trace-host: 01560c7709e24fd19d65c59ef8100461f5f130d2210f28d404b9f58c10e6d4b2047b9be4df08a69852ad3abbbf83a664c0c38b402c6b035ada8c8895fadd4ab4a12bee0b0f1222469384233d5d9178ccfe5150df03242db099de50c4e91c79d8baef6e72d5ec1fbf9b153bea3ee9a836b6
expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 717 B
1 KB 116ms
116ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BV40RRID4EIVEV2ITOB0&hostname=www.planusa.org
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV3UQRTD82FVM3BE8BI0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d401f2661f8fa38103e44cc57c2cf846a2f36d3e5aecdc537d0b4caa0ba54a74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 4b46ea42.481f130e
date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a72-247-190-52.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1642645775716969
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 90,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=2, inner; dur=1
content-length: 321
pragma: no-cache
server: nginx
x-tt-logid: 202201200229350101130061600BF7A8D1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,72.247.190.52
x-tt-trace-host: 01560c7709e24fd19d65c59ef8100461f5ff5f7247e519d197d1c7eaba1aae4d02c00f8cb5373c760404a2f71f01fb514fe32a2e8a1a25d13a031a61d66f4a1f23acc2b9c7b4ddad0c3360e07e1120729771e043f37dd3a9a6d06e3e6769a9bf0e4fbc6c80815033b0e394c8997674a22a
expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H2 200 2290-981-10-8705.js Show response
static.olark.com/a/assets/v0/site/ Frame 2FD7 29 KB
29 KB 7ms
6ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/a/assets/v0/site/2290-981-10-8705.js?cb=1642645775671
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: aa2158402694428e731f92f3cc9f9a467dc2745c68bba3c57c31a571f804c2f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 google
last-modified: Tue, 18 Jan 2022 16:50:42 GMT
server: ECS (frb/67AA)
age: 121134
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 29933

GET
H2 200 clarity.js Show response
h.clarity.ms/s/0.6.31/ 52 KB
23 KB 304ms
99ms Script
application/javascript 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/28082325.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: br
etag: "1d7ffcbff747e00"
last-modified: Sun, 02 Jan 2022 11:29:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=362031EC7C3B47BCA85A203DFA137A7A&RedC=c.clarity.ms&MXFR=044FD0A5E77E6D9F35FAC197E37E63EB
https://c.clarity.ms/c.gif?CtsSyncId=362031EC7C3B47BCA85A203DFA137A7A&MUID=2B247F05AF496A0B08DB6E37AE9B6B72

42 B
367 B

29ms
28ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=362031EC7C3B47BCA85A203DFA137A7A&MUID=2B247F05AF496A0B08DB6E37AE9B6B72
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:34 GMT
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9ea1ae3587d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 400CD76868EC4BB4854F4A97F7952611 Ref B: FRAEDGE1213 Ref C: 2022-01-20T02:29:35Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=362031EC7C3B47BCA85A203DFA137A7A&MUID=2B247F05AF496A0B08DB6E37AE9B6B72
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 65ms
36ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-634112-1&cid=1575607743.1642645775&jid=1211878469&_u=aHDAAEACQAAAAC~&z=1852492126

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 69ms
41ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-634112-1&cid=1575607743.1642645775&jid=1211878469&_u=aHDAAEACQAAAAC~&z=1852492126

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-608274385

Requested by

Host: www.rtb123.com
URL: https://www.rtb123.com/tags/F252B1AF-720F-7E91-A7FC-2C1CC8587E1A/btp.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

308b306104af9314fbf15b32e8c45c8e73455b88285b97a6a9d1b0ac11544043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39732
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 00:28:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-608274385&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed6cf0d5c1eaabc74cc8dafb3cfe75c289ee7c7322935f414ede415017b41598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39744
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 00:28:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H2 200 cybba_latest.min.js Show response
d2rp1k1dldbai6.cloudfront.net/ 75 KB
20 KB 30ms
9ms Script
application/javascript 2600:9000:2156:a200:d:87ae:bb80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2rp1k1dldbai6.cloudfront.net/cybba_latest.min.js
Requested by: Host: www.rtb123.com
URL: https://www.rtb123.com/tags/F252B1AF-720F-7E91-A7FC-2C1CC8587E1A/btp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a200:d:87ae:bb80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0faa231d2e1618d382b7e2eeed4244ebad6f9c78df86e153b90e6e20d218bfce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 22:51:10 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 13:53:05 GMT
server: AmazonS3
age: 85327
etag: W/"9e33abcb83f5793fa610130e97588252"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KMaeXNu-91GatHFggzfl_mqe568tfIi5VKf_9ebQpRlCBYryL3dzUg==

GET
H2 200 loader.min.js Show response
files1.cybba.solutions/planusa.org/ 76 KB
24 KB 31ms
11ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://files1.cybba.solutions/planusa.org/loader.min.js
Requested by: Host: www.rtb123.com
URL: https://www.rtb123.com/tags/F252B1AF-720F-7E91-A7FC-2C1CC8587E1A/btp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 018e10d24baee1ca267c9c1bfc2a2dece02f242bc95f43ebac90c280a4ceee31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: br
cdn-edgestorageid: 756
cdn-cachedat: 01/12/2022 11:53:04
cdn-pullzone: 116099
cdn-requestpullsuccess: True
server: BunnyCDN-DE1-756
last-modified: Wed, 28 Jul 2021 20:12:40 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6101ba38-13013"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: a080e070-2552-4896-b206-e42f1464eeab
cache-control: public, max-age=1800
cdn-requestid: fe50e71c3e31deb2379b3cbf22b2977a
cdn-requestcountrycode: GB
cdn-status: 200
expires: Wed, 12 Jan 2022 11:23:04 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=20952558&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20952558%26t%3D2

43 B
1 KB

21ms
20ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20952558%26t%3D2

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 02:29:35 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 958e16ab-ce5d-45ff-9d04-10aa1fd356ff
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 02:29:35 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d66ed258-83c4-4ac4-b600-49fde41c4cf0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20952558%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1222827&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1222827%26t%3D2

43 B
1 KB

21ms
21ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1222827%26t%3D2

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 02:29:35 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4d2dac91-da9d-44b2-ba12-7ddd7a2c6718
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 02:29:35 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 07887967-c676-434f-8eec-708ad4db51fd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1222827%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072188440/ 3 KB
1 KB 71ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072188440/?random=1642645775682&cv=9&fst=1642645775682&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&ig=1&data=dynx_pagetype%3Dother%3Bdynx_totalvalue%3D0&frm=0&url=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04b88b9dc84067d936d565d88473e4612303d3023d59c2ca150b136ba88ad277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1144
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c Show response
knrpc.olark.com/nrpc/ Frame 2FD7 894 B
1 KB 146ms
124ms XHR
text/javascript 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://knrpc.olark.com/nrpc/c?c=create&s=2290-981-10-8705&v=J9JIeDSAhGFdHWpQ588Ba0P4jkobZR7F&i=vYuKUwlZbFowntws588Ba0PFaRb67ako&g=ALL&q=precache06679168838891882&j=o0&version=loader-precache&xhttp=1&u=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&r=&ca=false&ru=false
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: TwistedWeb/21.2.0 /
Resource Hash: c319470ca1ba816989b48367b5c6ec57ea13fcfd625e49147f5f92c666a89078

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 google
last-modified: Thu, 20 Jan 2022 02:29:35 UTC
server: TwistedWeb/21.2.0
x-rpc: nrpc-http-6556d69b75-js56v
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
content-disposition: inline; filename="rpc.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 application2.js Show response
static.olark.com/jsclient-bucket5/ Frame 2FD7 1 MB
309 KB 11ms
11ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient-bucket5/application2.js?v=1639596023950
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: a9cf578656c6c3d88130bc3b64768066d27712b0f54a5a0d834c4fc1902e69ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:23:00 GMT
server: ECS (frb/668C)
age: 7478
etag: W/"61ba4094-11e9d5"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 315904
via: 1.1 google
expires: Thu, 20 Jan 2022 05:29:35 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/608274385/ 3 KB
2 KB 49ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/608274385/?random=1642645775717&cv=9&fst=1642645775717&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fe03bd80a5ec7b07403816680ab85822f55f4682799ae8fbb4b0fac385ff611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1136
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK user Show response
app.cybba.solutions/ 143 B
453 B 301ms
99ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/user?callback=_vtsdk.User.callbackUser&shopId=1477&email=null&_ts=90407408

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/planusa.org/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

600c460d44327df1577aa8f7af39a15be833170d402b07d5da38fcaf6be05db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:35 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 143
Expires: Thu, 20 Jan 2022 02:29:34 GMT

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 282 B
438 B 58ms
10ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=X8nNh9l0HcVYntp
Requested by: Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/planusa.org/loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: c5a36455dcb27b63d3d7c11a0a99174cde76752ba3a02dbda446f52e9030a783

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Jan 2022 02:29:35 GMT
Content-Length: 282
Content-Type: application/json; charset=utf-8

GET
H3 200 /
www.google.com/pagead/1p-user-list/608274385/ 42 B
64 B 41ms
24ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/608274385/?random=1642645775717&cv=9&fst=1642644000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&async=1&fmt=3&is_vtc=1&random=955173919&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/608274385/ 42 B
64 B 63ms
46ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/608274385/?random=1642645775717&cv=9&fst=1642644000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&async=1&fmt=3&is_vtc=1&random=955173919&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1072188440/ 42 B
64 B 42ms
25ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072188440/?random=1642645775682&cv=9&fst=1642644000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&data=dynx_pagetype%3Dother%3Bdynx_totalvalue%3D0&frm=0&url=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&async=1&fmt=3&is_vtc=1&random=553786854&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1072188440/ 42 B
64 B 46ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072188440/?random=1642645775682&cv=9&fst=1642644000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&data=dynx_pagetype%3Dother%3Bdynx_totalvalue%3D0&frm=0&url=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&async=1&fmt=3&is_vtc=1&random=553786854&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
709 B 116ms
116ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV3UQRTD82FVM3BE8BI0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5297ee9.481f1359
date: Thu, 20 Jan 2022 02:29:35 GMT
x-cache-remote: TCP_MISS from a72-247-190-76.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 98,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=11, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022012002293501011313522718EFC344
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,72.247.190.76
x-tt-trace-host: 01560c7709e24fd19d65c59ef8100461f5ff5f7247e519d197d1c7eaba1aae4d023e07c570ca835bc659dcbdf479b68b9c7773cccccad84b425ce2432890b97ef7db5385bfc1138e8fc107be5496cce71d3a551435181de3b58055a49548dbce081405828e78b3540ce2c0f2261b0d0919
expires: Thu, 20 Jan 2022 02:29:35 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
705 B 114ms
114ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV3UQRTD82FVM3BE8BI0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 48f57c2.481f135c
date: Thu, 20 Jan 2022 02:29:35 GMT
x-cache-remote: TCP_MISS from a72-247-190-92.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 96,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=9, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022012002293501011313500910F6A654
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,72.247.190.92
x-tt-trace-host: 01560c7709e24fd19d65c59ef8100461f5ff5f7247e519d197d1c7eaba1aae4d02e5ba342776ac4cec50b5adef8c8d0742fde12cf15172384cc76cf40e2de2dcdd6317281a92e97534b1e905b9475f3b443239516497850c5e2eef657eb5dc8c63831c1c77d21a95d54d606445bc23c045
expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H2 200 storage.html Show response
static.olark.com/jsclient-bucket5/ Frame C8EA 180 B
255 B 7ms
6ms Document
text/html 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient-bucket5/storage.html?v=1639596023950
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket5/application2.js?v=1639596023950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: 17e9588688a15c515b224e4c7633242f64a364e515df9f365f9f923f7bd5c1c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 7633
cache-control: max-age=10800
content-type: text/html; charset=utf-8
date: Thu, 20 Jan 2022 02:29:35 GMT
etag: "61ba4095-b4"
expires: Thu, 20 Jan 2022 05:29:35 GMT
last-modified: Wed, 15 Dec 2021 19:23:01 GMT
server: ECS (frb/6772)
vary: Accept-Encoding
via: 1.1 google
x-cache: HIT
content-length: 156

GET
H2 200 storage.js Show response
static.olark.com/jsclient-bucket5/ Frame C8EA 87 KB
28 KB 14ms
14ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient-bucket5/storage.js?v=1639596023950
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket5/storage.html?v=1639596023950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: caa53054dc12f4194410b03956c943038cfc7963c54b95c2fcab47f2aecb6111

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.olark.com/jsclient-bucket5/storage.html?v=1639596023950
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:22:48 GMT
server: ECS (frb/6712)
age: 2103
etag: "61ba4088-15d17"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 28656
via: 1.1 google
expires: Thu, 20 Jan 2022 05:29:35 GMT

GET
H2 200 visits Show response
api.olark.com/2.0/sites/2290-981-10-8705/ Frame 2FD7 112 B
419 B 135ms
118ms Script
application/javascript 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.olark.com/2.0/sites/2290-981-10-8705/visits?_callback=_olark_callback_db9107ce_3959_468c_b8f5_e72156d0004c&_method=POST&_data=%7B%22conversation_id%22%3A%22vYuKUwlZbFowntws588Ba0PFaRb67ako%22%2C%22cache%22%3A%220.9093786797072048%22%7D
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket5/application2.js?v=1639596023950
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: NotARealServer/1.33.7 /
Resource Hash: 0be156ca7ebf37a8e6fb241a724d5cdd34b5ae2413a872d86e4dd69380d2d57b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 google
server: NotARealServer/1.33.7
access-control-allow-headers: X-Access-Token, X-CSRF-Token, Content-Type, Authorization
access-control-max-age: 432000
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/javascript
access-control-allow-origin: *
content-disposition: inline; filename="api.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 206 olark-chimes.ogg
static.olark.com/jsclient/sounds/ Frame 2FD7 11 KB
11 KB 7ms
7ms Media
audio/ogg 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/sounds/olark-chimes.ogg
Requested by: Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: b1fa55944d393c97b9d9c938e639e532e95ccb046440b9adfffca4e1b0a2bcae

Request headers

Referer: https://www.planusa.org/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 20 Jan 2022 02:29:35 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 19:22:52 GMT
server: ECS (frb/6731)
age: 7803
etag: "61ba408c-2a35"
x-cache: HIT
content-type: audio/ogg
access-control-allow-origin: *
cache-control: max-age=10800
Content-Range: bytes 0-10804/10805
accept-ranges: bytes
Content-Length: 10805
expires: Thu, 20 Jan 2022 05:29:35 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B6B0 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.planusa.org
URL: https://www.planusa.org/blog/top-10-blog-posts-of-2021/?utm_source=mc&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.planusa.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.planusa.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 20 Jan 2022 02:29:35 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 35ms
17ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14846
x-xss-protection: 0
server: cafe
etag: 1633785920527017951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 02:29:36 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 243A 0
182 B 99ms
29ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=2mlbed5&ref=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&upid=3gs34vr&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/

Response headers

date: Thu, 20 Jan 2022 02:29:36 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame FC7D 0
181 B 95ms
30ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=4toff13&ref=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&upid=16dhzbf&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/

Response headers

date: Thu, 20 Jan 2022 02:29:36 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1042929713/ 3 KB
1 KB 40ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1042929713/?random=1642645776159&cv=9&fst=1642645776159&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&ig=1&data=dynx_pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9a41297d54edc6479deabdbc001e4ec29674fe0c9803250dfff8cc2e475ae19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1130
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
h.clarity.ms/ 0
70 B 286ms
285ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.planusa.org
date: Thu, 20 Jan 2022 02:29:35 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H3 200 /
www.google.com/pagead/1p-user-list/1042929713/ 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1042929713/?random=1642645776159&cv=9&fst=1642644000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&data=dynx_pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&async=1&fmt=3&is_vtc=1&random=1256548478&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1042929713/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1042929713/?random=1642645776159&cv=9&fst=1642644000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&data=dynx_pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Top%20stories%20of%202021%20Plan%20USA%20supporters%20loved%20most%20%7C%20Plan%20USA&async=1&fmt=3&is_vtc=1&random=1256548478&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK update Show response
app.cybba.solutions/event/1477/ 200 B
510 B 299ms
103ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/1477/update?data=%7B%22userId%22%3A%227805111629957999%22%2C%22sessionId%22%3A%22213833562995713566%22%2C%22type%22%3A%22update%22%2C%22lastVisitDate%22%3A1642645775727%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=9704305

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/planusa.org/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

b962853583f969c08ea233a9e2e222552d677a24fee7723f81631c7c599e130c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:36 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H2 200 theme.css
static.olark.com/jsclient/styles/cryptic-capybara/ 165 KB
19 KB 13ms
12ms Stylesheet
text/css 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket5/application2.js?v=1639596023950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 252c73425a721718d649ac01db44e5d9834a4d4dd9316608cb4e3303b75eca77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:36 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:22:52 GMT
server: ECS (frb/67C1)
age: 5474
etag: "61ba408c-294a5"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 19753
via: 1.1 google
expires: Thu, 20 Jan 2022 05:29:36 GMT

GET
H2 200 log.png
log.olark.com/jslog/ 2 B
75 B 118ms
117ms Image
text/plain 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.olark.com/jslog/log.png?version=-bucket5&location=https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-&message=%23chatbox-size-md%20%23using_theme.cryptic_capybara%20%23using_theme%20&tabname=oktab1998573054160233&conversation_id=vYuKUwlZbFowntws588Ba0PFaRb67ako&visitor_id=J9JIeDSAhGFdHWpQ588Ba0P4jkobZR7F&site_id=2290-981-10-8705&bucket=bucket5&level=count&timestamp=1642645776402&properties=%7B%7D&recent_logs=%5B%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:36 GMT
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain

GET
H/1.1 200
OK plan-usa-favicon.jpg
planusa-org-staging.s3.amazonaws.com/public/uploads/2021/05/ Frame 2FD7 0
565 B 424ms
122ms Image
application/octet-stream 52.216.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2021/05/plan-usa-favicon.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.207.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.planusa.org/
Origin: https://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:37 GMT
Last-Modified: Wed, 15 Dec 2021 16:36:11 GMT
Server: AmazonS3
x-amz-request-id: 281QBV0JWK5D8Q8C
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
x-amz-version-id: hfPaN2q0R1r5bzxKXYqr8Ob6CzT_9S2v
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Type: application/octet-stream
Content-Length: 0
x-amz-id-2: 6qpD7JACi/KvHsq62OcF8SmQUus+TnhmSa92K2uUO/avuPAKz7sgkbsvriNXecyDrW7lQ3YdsJA=

GET
H2 200 noto-sans-v11-latin-700.woff2
static.olark.com/jsclient/fonts/ 16 KB
16 KB 31ms
7ms Font
application/octet-stream 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/fonts/noto-sans-v11-latin-700.woff2
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Request headers

Referer: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Origin: https://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:36 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 19:23:06 GMT
server: ECS (frb/669E)
age: 7884
etag: "61ba409a-3f34"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 16180
expires: Thu, 20 Jan 2022 05:29:36 GMT

GET
H2 200 noto-sans-v11-latin-regular.woff2
static.olark.com/jsclient/fonts/ 16 KB
16 KB 32ms
8ms Font
application/octet-stream 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/fonts/noto-sans-v11-latin-regular.woff2
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Request headers

Referer: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Origin: https://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:36 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 19:22:52 GMT
server: ECS (frb/675D)
age: 7864
etag: "61ba408c-3eb8"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 16056
expires: Thu, 20 Jan 2022 05:29:36 GMT

GET
H/1.1 200
OK referer Show response
app.cybba.solutions/event/1477/ 200 B
510 B 289ms
101ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/1477/referer?data=%7B%22userId%22%3A%227805111629957999%22%2C%22sessionId%22%3A%22213833562995713566%22%2C%22type%22%3A%22referer%22%2C%22domain%22%3A%22%22%2C%22url%22%3A%22%22%2C%22utm_source%22%3A%22mc%22%2C%22utm_term%22%3Anull%2C%22utm_campaign%22%3A%22Notes%22%2C%22utm_content%22%3A%22NotesFromTheField%22%2C%22utm_medium%22%3A%22email%22%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=96097233

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/planusa.org/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

b962853583f969c08ea233a9e2e222552d677a24fee7723f81631c7c599e130c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:36 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Thu, 20 Jan 2022 02:29:35 GMT

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 29 B
866 B 30ms
11ms Fetch
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: d2rp1k1dldbai6.cloudfront.net
URL: https://d2rp1k1dldbai6.cloudfront.net/cybba_latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0f0e54eab2d2e673f1cb146b88a58f2427c742e55614e9d60f24c9aced3507f0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 02:29:37 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 421c48bd-1461-4589-a4d8-c6dcf1dadf77
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.planusa.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 29
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect Show response
h.clarity.ms/ 0
48 B 94ms
94ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.planusa.org
date: Thu, 20 Jan 2022 02:29:36 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H/1.1 200
OK generic Show response
app.cybba.solutions/event/1477/ 200 B
510 B 294ms
105ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/1477/generic?data=%7B%22userId%22%3A%227805111629957999%22%2C%22sessionId%22%3A%22213833562995713566%22%2C%22type%22%3A%22generic%22%2C%22generic%22%3A%7B%22event_name%22%3A%22zandruid%22%2C%22itemId%22%3A%223892153630265236405%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=77692761

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/planusa.org/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

b962853583f969c08ea233a9e2e222552d677a24fee7723f81631c7c599e130c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:37 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Thu, 20 Jan 2022 02:29:36 GMT

GET
H/1.1 200
OK pageview Show response
app.cybba.solutions/event/1477/ 200 B
510 B 335ms
118ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/1477/pageview?data=%7B%22userId%22%3A%227805111629957999%22%2C%22sessionId%22%3A%22213833562995713566%22%2C%22type%22%3A%22pageview%22%2C%22url%22%3A%22https%3A%2F%2Fwww.planusa.org%2Fblog%2Ftop-10-blog-posts-of-2021%2F%3Futm_source%3Dmc%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField%22%2C%22generic%22%3A%7B%22itemId%22%3A%22DE%7CHesse%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=10896768

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/planusa.org/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

b962853583f969c08ea233a9e2e222552d677a24fee7723f81631c7c599e130c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:38 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Thu, 20 Jan 2022 02:29:37 GMT

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.planusa.org/	1969-12-31 23:59:59	Name: SSESS1e7120dc8ecb1446093041828d8955a5 Value: d5od3freh6het6c9o7fnh82frgcur1kp
.planusa.org/	1970-01-20 02:27:01	Name: _gcl_au Value: 1.1.1825221735.1642645775
www.planusa.org/	1970-01-20 00:27:30	Name: fpmxUTM Value: %7B%22utm_campaign%22%3A%22Notes%22%2C%22utm_content%22%3A%22NotesFromTheField%22%2C%22utm_keyword%22%3Anull%2C%22utm_medium%22%3A%22email%22%2C%22utm_source%22%3A%22mc%22%7D
.planusa.org/	1970-01-20 00:18:52	Name: _gid Value: GA1.2.652525568.1642645775
.bing.com/	1970-01-20 09:39:01	Name: MUID Value: 2B247F05AF496A0B08DB6E37AE9B6B72
.planusa.org/	1970-01-20 17:48:37	Name: _ga_P02S4VE0VS Value: GS1.1.1642645775.1.0.1642645775.0
.doubleclick.net/	1970-01-20 09:39:01	Name: IDE Value: AHWqTUm6rn1y-LomTcmykNROktjbW9lMoXbBj1pCekEYmlpYayGGqekblgp210gkLPY
.fonts.net/	1970-01-20 00:17:27	Name: __cf_bm Value: 5ouueHoQpy3bufTcBgL2hyCQAQBreUf_6_AFu69uoXs-1642645775-0-AQW4Y8VOJUA0iax9SgO508O6a54FkPqfs20YNFCic8TCrulIpDEzxpQ88J+0DfIKgRWL9+6Hqbu6spc2G9OMkRE=
.planusa.org/	1970-01-20 02:27:01	Name: _fbp Value: fb.1.1642645775450.1310870666
.planusa.org/	1970-01-20 17:48:37	Name: _ga Value: GA1.2.1575607743.1642645775
.planusa.org/	1970-01-20 00:17:25	Name: _gat_UA-634112-1 Value: 1
.facebook.com/	1970-01-20 02:27:01	Name: fr Value: 0KrJGodknCJfDl72K..Bh6MkP...1.0.Bh6MkP.
.planusa.org/	1970-01-20 00:18:52	Name: _uetsid Value: cee66700799811ec9bb9030c5122e5a1
.planusa.org/	1970-01-20 09:39:01	Name: _uetvid Value: cee66f70799811ecbb3497b104f6944f
www.planusa.org/	1969-12-31 23:59:59	Name: wcsid Value: vYuKUwlZbFowntws588Ba0PFaRb67ako
www.planusa.org/	1970-01-20 17:48:37	Name: hblid Value: J9JIeDSAhGFdHWpQ588Ba0P4jkobZR7F
www.planusa.org/	1969-12-31 23:59:59	Name: _oklv Value: 1642645775687%2CvYuKUwlZbFowntws588Ba0PFaRb67ako
.www.planusa.org/	1969-12-31 23:59:59	Name: _vt_shop Value: 1477
.adnxs.com/	1970-01-20 02:27:01	Name: uuid2 Value: 3892153630265236405
www.planusa.org/	1969-12-31 23:59:59	Name: _okdetect Value: %7B%22token%22%3A%2216426457757870%22%2C%22proto%22%3A%22about%3A%22%2C%22host%22%3A%22%22%7D
.adnxs.com/	1970-01-20 02:27:01	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C$Ufl%.V!]tbP6j2F-XstGt!@D>G$W`:A
.c.bing.com/	1970-01-20 09:39:01	Name: SRM_B Value: 2B247F05AF496A0B08DB6E37AE9B6B72
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:39:01	Name: MUID Value: 2B247F05AF496A0B08DB6E37AE9B6B72
.c.clarity.ms/	1970-01-20 00:17:26	Name: ANONCHK Value: 0
www.planusa.org/	1970-01-20 17:48:37	Name: olfsk Value: olfsk19430309423038739
www.planusa.org/	1969-12-31 23:59:59	Name: _okbk Value: cd4%3Dtrue%2Cvi5%3D0%2Cvi4%3D1642645775901%2Cvi3%3Dactive%2Cvi2%3Dfalse%2Cvi1%3Dfalse%2Ccd8%3Dchat%2Ccd6%3D0%2Ccd5%3Daway%2Ccd3%3Dfalse%2Ccd2%3D0%2Ccd1%3D0%2C
www.planusa.org/	1969-12-31 23:59:59	Name: _ok Value: 2290-981-10-8705
.www.planusa.org/	1970-01-20 09:03:01	Name: _vt_user Value: 7805111629957999_213833562995713566_false_false
.planusa.org/	1970-01-20 09:03:01	Name: _clck Value: 1jmdkjg\|1\|eya\|0
.planusa.org/	1970-01-20 00:18:52	Name: _clsk Value: lujq2o\|1642645776489\|1\|1\|h.clarity.ms/collect
.planusa.org/	1970-01-20 00:18:08	Name: CYB_ID Value: 7805111629957999
.planusa.org/	1970-01-20 00:17:33	Name: c_64ei Value: ZmFsc2U=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2e07d875b89549cf92917817c484f293.js.ubembed.com
9879419.fls.doubleclick.net
adservice.google.com
analytics.tiktok.com
api.olark.com
app.cybba.solutions
assets.ubembed.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.rawgit.com
click.email.planusa.org
connect.facebook.net
d2rp1k1dldbai6.cloudfront.net
fast.fonts.net
files1.cybba.solutions
fonts.googleapis.com
googleads.g.doubleclick.net
h.clarity.ms
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
knrpc.olark.com
log.olark.com
planusa-org-staging.s3.amazonaws.com
pro.ip-api.com
secure.adnxs.com
static.olark.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.planusa.org
www.rtb123.com
108.157.1.118
108.157.4.69
13.111.18.12
138.197.61.175
142.250.185.230
142.250.74.194
151.101.65.131
185.33.221.15
2.16.186.242
2600:9000:2156:a200:d:87ae:bb80:21
2606:4700:3037::6815:4da4
2606:4700::6810:5914
2606:4700::6811:e04e
2620:1ec:c11::200
2a00:1450:4001:803::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:400c:c0a::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.33.220.150
34.96.127.16
37.252.173.22
51.77.64.70
52.142.114.2
52.216.207.171
52.224.31.34
67.225.220.126
89.187.169.47
93.184.220.42
018e10d24baee1ca267c9c1bfc2a2dece02f242bc95f43ebac90c280a4ceee31
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02b1d98819b55a56dc97a22a2c9e6e2a2a67c765e62afcd8f4945f6f96e0cfe1
04b88b9dc84067d936d565d88473e4612303d3023d59c2ca150b136ba88ad277
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
05e7a6adde929e7d731550f9d3d957b6754e7a2bf2fb475794a6e5f74f6f61e9
0824e35cfc0209edf067d13c8776eefdb291ec4381ba18ffc7754bec8ed22197
0be156ca7ebf37a8e6fb241a724d5cdd34b5ae2413a872d86e4dd69380d2d57b
0ca2a81a98d38979cbeebf9c79e0b16e16a38790d2760dc866646f3e603aeb6b
0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22
0e7cf9a9f7bb1bbb6e732a1541b1d0f26f46cfda65e2098c2b2085e8ae1ccf52
0f0e54eab2d2e673f1cb146b88a58f2427c742e55614e9d60f24c9aced3507f0
0faa231d2e1618d382b7e2eeed4244ebad6f9c78df86e153b90e6e20d218bfce
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
17e9588688a15c515b224e4c7633242f64a364e515df9f365f9f923f7bd5c1c8
252c73425a721718d649ac01db44e5d9834a4d4dd9316608cb4e3303b75eca77
272c08ccba5f883006400f7d490a1393f8114e239b97043e0d2d018a257ca368
284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
308b306104af9314fbf15b32e8c45c8e73455b88285b97a6a9d1b0ac11544043
36aa72c2e9a35811b1021156761155c5093b3b01abc1f411f155d4a8d16c9497
488f0037e7d36e54fa24655cd5294b223ac6444638065d5fb8a883c78ef4042a
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f60551109a5502a1fb601b2b16872fef5232e7f92bac1c3b779a75e819d3f16
4fc3dc353e44ae364d1dc0ebf2b40e1118ca7b7c45c43b02844b6d57fe458bda
506e190d894a15318bb3f0c60d700a21432f0e57275b9c3d8c44ef45f31b6674
5dc89846fca2c8051e0c805735e48d3b31f23359dbd47f6b9c47b6ae41969236
5dd97c4cf618116a04c7ca06deb2dc63f15dd980e4ceb6de7ac25e51db77e74d
600c460d44327df1577aa8f7af39a15be833170d402b07d5da38fcaf6be05db7
661ef2a25c5ddbb64b8819ebe4a078fa23e8eae9676f567e4138448ae685893f
6934bf0c9473cac4af9fe31a48aa89cbf12b77423974582b6b7cbeb6bd3b565c
6cef54b115861c341cbaf1ac0baa3bfc74d72e4154ea41815b88d81284a31b47
6fe03bd80a5ec7b07403816680ab85822f55f4682799ae8fbb4b0fac385ff611
6ff81a1d1383d77bf6e6c307a02105b2b7f0dedcade233d203e6f8975266043d
74268272e52e8c1c81d9966394f240d1c28379ac8864b74e70a0bbf4452bc2c6
765878db2008fd3751bb16c1189a6fbc4e72631a7b63e11729c2a75c386a63e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
857ad2091f006457a9430c0d437a96ffe6d7d7b75a2aa898a6e169d10ad4256d
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8dd5b33af440ffa40f58cdafd7da626e38baa7dcbf5a0ef72c163d0938114bd9
98817c9af505be714bd9dd7c2ac619597eb181959f379743c01120156d591109
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0e64e7389bf34076b914587707d7e5f2be8bbec920c24cf5387f338504b3004
a187aae0b7f37cbca641fd2a627c8b6cf926828f7bdb6460d33e3f5ddf6a4e3b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20cd460709095cb95769f66d91eba8bbb81e61d45cd79cce981eb3a5f2a057e
a651d51f9499db4554f70fb1357cf359709c7364b76463a57285905221bca9f4
a96ca8021c420d64c7a5cd71509940586c77d3e129acd6e52e780033da10ef5c
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
a9cf578656c6c3d88130bc3b64768066d27712b0f54a5a0d834c4fc1902e69ba
aa2158402694428e731f92f3cc9f9a467dc2745c68bba3c57c31a571f804c2f2
afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b1fa55944d393c97b9d9c938e639e532e95ccb046440b9adfffca4e1b0a2bcae
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b3990a01f0ae51cf44ecddcf8bb0ec67f1f958d90c7bd209abcbd4597132ca62
b564aaa156e5e9978268e0743f12da84710f3f9ba5d6174f89cb4393bcb1af9e
b6a0bd74072c70519c01e1e224b71681e4515e1fc79d4a4c09f63060cb2f0dbd
b889c3ba20d61a1dbf81230dcb46989cb433fe33926fbc2da19db0be3279581f
b962853583f969c08ea233a9e2e222552d677a24fee7723f81631c7c599e130c
b9a41297d54edc6479deabdbc001e4ec29674fe0c9803250dfff8cc2e475ae19
bb03f58b57894b8d2c5d6dd9290672a859818c86d797741719234b300d65131c
bcff0a0ce2e020657abcc4eb811920cb99fd387a06c3548d9ec10c42e6a0fb6e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c00fa402ce3c17d2691562e19c2ad202f9b74d67f9a273a0837db4b7e4a5fa13
c319470ca1ba816989b48367b5c6ec57ea13fcfd625e49147f5f92c666a89078
c5a36455dcb27b63d3d7c11a0a99174cde76752ba3a02dbda446f52e9030a783
c69b2064a720570d3f0fee1f024367c3393d1303989b1c629a611f12cab9c6d2
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
caa53054dc12f4194410b03956c943038cfc7963c54b95c2fcab47f2aecb6111
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93
d01ea7db745423cfd19bc3635e91f04dc38de06dd86ec06ce77c7fe5b81418a1
d401f2661f8fa38103e44cc57c2cf846a2f36d3e5aecdc537d0b4caa0ba54a74
db0b2e67f36402964c31f7be721fb863d003ac28f335494b6c03a5d4b35328ba
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
ed6cf0d5c1eaabc74cc8dafb3cfe75c289ee7c7322935f414ede415017b41598
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f405d0985e656ec2876e3122b7c27a17b047660f9b303245a928c973acb12b4c
f60b7b366414177e5dd1097793aa4da5271bdd44388758781a33e9c25c87a48f
fd65fb0735b703dfbf0aa574013d96df17fa1e6f9b0490224187dfb129e3c7c4
ffc637f1526ddd711276344f97fe80ecbd74e0c3dac6e1c9dea86dfd5cf5cb02

www.planusa.org Open in urlscan Pro 2606:4700:3037::6815:4da4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

96 %HTTPS

44 %IPv6

25 Domains

38 Subdomains

34 IPs

6 Countries

4421 kBTransfer

10270 kBSize

33 Cookies

17 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.planusa.org Open in urlscan Pro
2606:4700:3037::6815:4da4 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

96 %
HTTPS

44 %
IPv6

25
Domains

38
Subdomains

34
IPs

6
Countries

4421 kB
Transfer

10270 kB
Size

33
Cookies

113 HTTP transactions
3 data transactions