oa-bsa.org Open in urlscan Pro
67.227.156.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oa-bsa.org/
Effective URL:
https://oa-bsa.org/
Submission: On February 09 via api (February 9th 2024, 2:50:14 am UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 48 HTTP transactions. The main IP is 67.227.156.76, located in United States and belongs to LIQUIDWEB, US. The main domain is oa-bsa.org. The Cisco Umbrella rank of the primary domain is 460138.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 13th 2023. Valid for: a year.

This is the only time oa-bsa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	67.227.156.76 67.227.156.76	32244 (LIQUIDWEB) (LIQUIDWEB)
8	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:350... 2a02:26f0:3500:16::215:1484	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	99.84.88.120 99.84.88.120	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.192.117 18.66.192.117	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.122.109 146.75.122.109	54113 (FASTLY) (FASTLY)
2	99.84.88.12 99.84.88.12	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.192.46 18.66.192.46	16509 (AMAZON-02) (AMAZON-02)
1	54.229.70.208 54.229.70.208	16509 (AMAZON-02) (AMAZON-02)
48	14

20 67.227.156.76 (United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: lweb4.oa-bsa.org

oa-bsa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-120.muc50.r.cloudfront.net

js.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-117.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.122.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.88.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-12.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-46.muc50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.70.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-70-208.eu-west-1.compute.amazonaws.com

metrics.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	oa-bsa.org 1 redirects oa-bsa.org — Cisco Umbrella Rank: 460138	4 MB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	231 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 475 p.typekit.net — Cisco Umbrella Rank: 589	71 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 695 script.hotjar.com — Cisco Umbrella Rank: 1019	61 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3721	28 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2593 metrics.hotjar.io — Cisco Umbrella Rank: 7907	328 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 171	69 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	156 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	185 B
1	vimeocdn.com extend.vimeocdn.com — Cisco Umbrella Rank: 9651	6 KB
1	createsend1.com js.createsend1.com — Cisco Umbrella Rank: 27330	5 KB
48	11

	Domain	Requested by
20	oa-bsa.org	1 redirects oa-bsa.org
8	cdnjs.cloudflare.com	oa-bsa.org cdnjs.cloudflare.com
5	use.typekit.net	oa-bsa.org use.typekit.net
3	static.addtoany.com	oa-bsa.org static.addtoany.com
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	connect.facebook.net	oa-bsa.org connect.facebook.net
2	www.googletagmanager.com	oa-bsa.org www.googletagmanager.com
1	metrics.hotjar.io	static.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	www.facebook.com	oa-bsa.org
1	extend.vimeocdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	js.createsend1.com	oa-bsa.org
1	p.typekit.net	use.typekit.net
48	14

This site contains links to these domains. Also see Links.

Domain
noac.oa-bsa.org
tradingpost.oa-bsa.org
www.facebook.com
www.instagram.com
www.youtube.com
open.spotify.com
www.snapchat.com
committee.oa-bsa.org
lodgemaster.oa-bsa.org
www.scouting.org
www.flickr.com
vimeo.com
www.google.com

Subject Issuer	Validity	Valid
*.oa-bsa.org Sectigo RSA Domain Validation Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
*.createsend1.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-10`	a year	crt.sh
static.addtoany.com E1	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://oa-bsa.org/
Frame ID: E4681632566A78E8C2F26E87170C1BAC
Requests: 47 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 75F97176A6A6AF2DD70FA62915297293
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Order of the Arrow - Boy Scouts of America

Page URL History Show full URLs

http://oa-bsa.org/ HTTP 301
https://oa-bsa.org/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

48
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

14
Subdomains

14
IPs

3
Countries

4358 kB
Transfer

5493 kB
Size

5
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://noac.oa-bsa.org/
Title: NOAC 2024

Search URL Search Domain Scan URL

URL: https://tradingpost.oa-bsa.org/
Title: Trading Post

Search URL Search Domain Scan URL

URL: https://www.facebook.com/oabsa/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/oabsa/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/oabsa

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/57YZ4Fu74WkSHE5qyVkQS2

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/oa-bsa

Search URL Search Domain Scan URL

URL: http://committee.oa-bsa.org/
Title: National Committee Portal

Search URL Search Domain Scan URL

URL: https://lodgemaster.oa-bsa.org/
Title: OA LodgeMaster

Search URL Search Domain Scan URL

URL: https://www.scouting.org/
Title: Boy Scouts of America

Search URL Search Domain Scan URL

URL: https://www.facebook.com/oabsa

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/oabsa

Search URL Search Domain Scan URL

URL: https://vimeo.com/oabsa

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/1325+W+Walnut+Hill+Ln,+Irving,+TX+75038/@32.8859802,-96.9723648,17z/data=!3m1!4b1!4m5!3m4!1s0x864c29d6139029cf:0xa9e1bfcc778ce6e6!8m2!3d32.8859802!4d-96.9701761
Title: Order of the Arrow, S325 1325 West Walnut Hill Lane P.O. Box 152079 Irving, TX 75015-2079

Search URL Search Domain Scan URL

URL: https://www.scouting.org/legal/terms-and-conditions/
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.scouting.org/legal/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oa-bsa.org/ HTTP 301
https://oa-bsa.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
oa-bsa.org/
Redirect Chain

http://oa-bsa.org/
https://oa-bsa.org/

33 KB
11 KB

391ms
133ms

Document
text/html

67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

b84bca124733d746ecffae48c9bcd3d4f576c5d80c3de3de4cdd989fa88da114

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=1800, public
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 8960
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
Content-Type: text/html; charset=UTF-8
Content-language: en
Date: Fri, 09 Feb 2024 02:40:06 GMT
ETag: "1707446405-gzip"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 09 Feb 2024 02:40:05 GMT
Referrer-Policy: strict-origin
Server: Apache
Strict-Transport-Security: max-age=31536000;
Vary: Cookie,Accept-Encoding
X-Content-Type-Options: nosniff
X-Drupal-Cache: HIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 10 (https://www.drupal.org)
X-Xss-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 227
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 09 Feb 2024 02:50:07 GMT
Keep-Alive: timeout=5, max=100
Location: https://oa-bsa.org/
Server: Apache

GET
H/1.1 200
OK css_o5QyLua8BgCNp0zRRCNJqUDpC0_i5EqeWjov1a1QPT4.css
oa-bsa.org/sites/default/files/css/ 6 KB
3 KB 215ms
122ms Stylesheet
text/css 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://oa-bsa.org/sites/default/files/css/css_o5QyLua8BgCNp0zRRCNJqUDpC0_i5EqeWjov1a1QPT4.css?delta=0&language=en&theme=oabsa&include=eJxljUsOwyAMRC9EwpEiEwyiMhmETdLcvlIV9bsZzXuzGIrRQNvp6Spz6tjM6anG1QdSdqCg5LMgkExqp5QtXzIAptapTbr20kzdwSGh1-W1-D_jMpCFF6Pss9VvpPzLM93o7hDS0JWMF65UxEdONMTc-6ehYef-YQwQK83thQ_1z5wr4hB-AOevYQ8

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

b2ca0b9ae1caf5cfda7f8ae49115a714ec9357739d3b8d2a384269ff57712447

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:08 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 1868
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 29 Jan 2024 17:37:59 GMT
Server: Apache
Vary: Accept-encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 09 Apr 2024 02:50:08 GMT

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ 118 KB
16 KB 32ms
16ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://oa-bsa.org/
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 43052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16149
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-1d970"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibcL63LbQwUYVRu%2BJu2KtPRp%2BZFs4Ef7ErJ28%2B%2FA2Iswe2bkd3eHGWAy87UCGdP7Rk0Gb5TZJtbIxn%2FUx4Eg%2BFlBMa5c2MSZr5MsGF2mtkmRtZqbsmodFn%2BS1F%2Fa%2BUv%2F3qiaY3q%2FieArQ4zYlruADS96"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8528cd99ec07bba3-FRA
expires: Wed, 29 Jan 2025 02:50:08 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 58 KB
11 KB 30ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://oa-bsa.org/
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4825314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10491
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XYMrDidfN%2B5PUFSOg8Az7DrKTxJMfy64Q0WlN%2FJwCwOJ%2FsvrShOS0YAjlAzJ9WLcgKpu%2F4zXEaGhlTteV3F5Gg1Zfxt8qUipd926LsLvSIGvIFsr6NfYTstrlO8CVNWvik2o1fxKpuAr54N%2BzEDUdxM"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8528cd99ec06bba3-FRA
expires: Wed, 29 Jan 2025 02:50:08 GMT

GET
H2 200 cau7wbn.css
use.typekit.net/ 6 KB
1 KB 70ms
16ms Stylesheet
text/css 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/cau7wbn.css

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1372bbef768c768a005e4a15eea76616bb9be9a1b573590c71907c8d6a3d911c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 09 Feb 2024 02:50:08 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 899

GET
H/1.1 200
OK css_j_PuPBaQbhib3zyrSyFXNjpPsAHOHGJYfY4DeD-zHsA.css
oa-bsa.org/sites/default/files/css/ 50 KB
11 KB 338ms
122ms Stylesheet
text/css 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://oa-bsa.org/sites/default/files/css/css_j_PuPBaQbhib3zyrSyFXNjpPsAHOHGJYfY4DeD-zHsA.css?delta=4&language=en&theme=oabsa&include=eJxljUsOwyAMRC9EwpEiEwyiMhmETdLcvlIV9bsZzXuzGIrRQNvp6Spz6tjM6anG1QdSdqCg5LMgkExqp5QtXzIAptapTbr20kzdwSGh1-W1-D_jMpCFF6Pss9VvpPzLM93o7hDS0JWMF65UxEdONMTc-6ehYef-YQwQK83thQ_1z5wr4hB-AOevYQ8

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

bf4522fa322e5348244313f6dfb15f661435faeb84cb9bfed27442da3544fc6e

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:08 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 9600
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 29 Jan 2024 17:37:59 GMT
Server: Apache
Vary: Accept-encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Tue, 09 Apr 2024 02:50:08 GMT

GET
H/1.1 200
OK oafont.css
oa-bsa.org/assets/ 2 KB
2 KB 345ms
117ms Stylesheet
text/css 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://oa-bsa.org/assets/oafont.css

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

1fa07c7b3d5be82fe8b59736e15142177b55f87ed60da62f1e83316d79c360af

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:08 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 780
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 07 Dec 2020 23:16:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Tue, 09 Apr 2024 02:50:08 GMT

GET
H/1.1 200
OK oasignature_reversed.svg
oa-bsa.org/themes/oabsa-theme/images/ 44 KB
16 KB 350ms
121ms Image
image/svg+xml 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oa-bsa.org/themes/oabsa-theme/images/oasignature_reversed.svg

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

652969abb039a1406bc8bd97185624ddc3c0c6e1901c1cfb328b4cdbdd2260f6

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:08 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 14468
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Thu, 26 Nov 2020 22:00:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sat, 08 Feb 2025 02:50:08 GMT

GET
H/1.1 200
OK Untitled-1%20%282%29.png
oa-bsa.org/sites/default/files/web-tile/ 399 KB
400 KB 353ms
122ms Image
image/png 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oa-bsa.org/sites/default/files/web-tile/Untitled-1%20%282%29.png

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

b93d292c602a82568fbbf548947b8eeea8c11f9d6fa9be1b964e691517090e7d

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:08 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Connection: Keep-Alive
Content-Length: 408147
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 02 Jan 2024 22:53:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Tue, 09 Apr 2024 02:50:08 GMT

GET
H/1.1 200
OK IMG_9344.png
oa-bsa.org/sites/default/files/web-tile/ 352 KB
354 KB 342ms
121ms Image
image/png 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oa-bsa.org/sites/default/files/web-tile/IMG_9344.png

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

463f8653b10cc6f374fd92501ea02453e4cc777e3226221ced5fa94d391fd01c

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:08 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Connection: Keep-Alive
Content-Length: 360401
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Wed, 03 Jan 2024 00:10:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Tue, 09 Apr 2024 02:50:08 GMT

GET
H/1.1 200
OK Untitled-2%20%2811%29.png
oa-bsa.org/sites/default/files/web-tile/ 443 KB
444 KB 136ms
119ms Image
image/png 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oa-bsa.org/sites/default/files/web-tile/Untitled-2%20%2811%29.png

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

4731b8a634b63a5ca0c723609f150710c2689b602b17499dd90499303bd94ee5

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:08 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Connection: Keep-Alive
Content-Length: 453178
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 02 Jan 2024 23:28:21 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Tue, 09 Apr 2024 02:50:08 GMT

GET
H/1.1 200
OK Introducing%20Your%202024%20National%20Officers%21-2%20%281%29.png
oa-bsa.org/sites/default/files/web-tile/ 351 KB
353 KB 118ms
118ms Image
image/png 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oa-bsa.org/sites/default/files/web-tile/Introducing%20Your%202024%20National%20Officers%21-2%20%281%29.png

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

42dd34242ab5a0236fc47b19e0d8e556137769c3283f2c788cabf203d4d9e61c

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:08 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Connection: Keep-Alive
Content-Length: 359592
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Sun, 04 Feb 2024 04:20:04 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Tue, 09 Apr 2024 02:50:08 GMT

GET
H/1.1 200
OK image%20%283%29.png
oa-bsa.org/sites/default/files/web-tile/ 480 KB
482 KB 120ms
120ms Image
image/png 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oa-bsa.org/sites/default/files/web-tile/image%20%283%29.png

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

2d0425cb7c65edc43732b5148489bc6da94895a3f747db13f88ae22e970b254c

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:09 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Connection: Keep-Alive
Content-Length: 491633
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 22 Dec 2023 23:59:47 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 09 Apr 2024 02:50:09 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 65ms
13ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=cau7wbn&ht=tk&f=2005.2006.2009.2010.2028.2029.2032.2033&a=9075313&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cau7wbn.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 copypastesubscribeformlogic.js Show response
js.createsend1.com/javascript/ 12 KB
5 KB 63ms
13ms Script
text/javascript 99.84.88.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.createsend1.com/javascript/copypastesubscribeformlogic.js

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-120.muc50.r.cloudfront.net

Software

csw /

Resource Hash

4233d20e2ed04cc0407f293250823004c3f04ff1062da57d5e63c6c896fe8e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 fc6dca2df1221c0bec817610bc20e504.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 3170
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 09 Feb 2024 01:57:16 GMT
server: csw
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3598
x-amz-cf-id: ZeJRMaWOflkjLqSRgHeh4_pPgA4rZ7XH4PCoWxFM_QXMYUZaUd5uXg==
expires: Fri, 09 Feb 2024 02:57:16 GMT

GET
H/1.1 200
OK js_eFu6y3_0WY_iU2VZOUKtUQ_B_imj4JXnNJT4XmYbfig.js Show response
oa-bsa.org/sites/default/files/js/ 117 KB
42 KB 119ms
118ms Script
text/javascript 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://oa-bsa.org/sites/default/files/js/js_eFu6y3_0WY_iU2VZOUKtUQ_B_imj4JXnNJT4XmYbfig.js?scope=footer&delta=0&language=en&theme=oabsa&include=eJxljUsOwyAMRC9EwpEiEwyiMhmETdLcvlIV9bsZzXuzGIrRQNvp6Spz6tjM6anG1QdSdqCg5LMgkExqp5QtXzIAptapTbr20kzdwSGh1-W1-D_jMpCFF6Pss9VvpPzLM93o7hDS0JWMF65UxEdONMTc-6ehYef-YQwQK83thQ_1z5wr4hB-AOevYQ8

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

8bfa734b8ed57b82fbd2393ca63abc0eacd1d926fa6aa19999068d0a0e2650d1

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:08 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 41743
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 29 Jan 2024 17:37:59 GMT
Server: Apache
Vary: Accept-encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 09 Apr 2024 02:50:08 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 51ms
32ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20737
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"257f9651f9cfd949f6dde30f51352116"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWzEIEEJSs5lcwdVwEXTlccaSnNlyVGjqGi6feC3oAQBXI5i%2FYQLVlnUHjTfrDXp9yQZ%2BQcHAyASR9XRyPWV2c5Yl%2FVen%2FomKPwnnSbjB4FwJo%2BANnBmWJ%2BKhc1zHvKzjPmpq%2B5ylBAGO6CET28fYNGF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 8528cd9a8b6b71e2-FRA

GET
H/1.1 200
OK js_Akb8lGP78ykVPmBS0Kb2S_kTe6g2Lfj6xdSayP2Tqyg.js Show response
oa-bsa.org/sites/default/files/js/ 230 B
2 KB 120ms
120ms Script
text/javascript 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://oa-bsa.org/sites/default/files/js/js_Akb8lGP78ykVPmBS0Kb2S_kTe6g2Lfj6xdSayP2Tqyg.js?scope=footer&delta=2&language=en&theme=oabsa&include=eJxljUsOwyAMRC9EwpEiEwyiMhmETdLcvlIV9bsZzXuzGIrRQNvp6Spz6tjM6anG1QdSdqCg5LMgkExqp5QtXzIAptapTbr20kzdwSGh1-W1-D_jMpCFF6Pss9VvpPzLM93o7hDS0JWMF65UxEdONMTc-6ehYef-YQwQK83thQ_1z5wr4hB-AOevYQ8

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

3362b7abc923874bb97e64390200b1719e2d20f786b321803a72b1818961a1fd

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:09 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 202
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 29 Jan 2024 17:37:59 GMT
Server: Apache
Vary: Accept-encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Tue, 09 Apr 2024 02:50:09 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 14ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://oa-bsa.org/
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2531235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6646
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EF0drPegfXcJ%2FMgTNwxWtMdNi32Hp6jaWYq8bFiRjeeGjfm1Ig2gnMuAZJA9JqJraDGeHNE6gxarZDPKoyT%2BJHZCkAW64Ve9rqBs39FGuy4PdeHSgQL8%2Fnr28l1%2FPGNepkAStyrVRxYd0MxHOk6pTD6l"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8528cd9a6c53bba3-FRA
expires: Wed, 29 Jan 2025 02:50:08 GMT

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 36 KB
9 KB 15ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://oa-bsa.org/
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5376525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8722
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-90b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTLL6FwWasoB0QG6GLfJBbEeOqAbxDVwNGRtC9tg6UQV%2BfmBGqSPjq7hmKUstV9WUw7hcZzqsW1nNgoTAr1o1bmEjojLf6c4s1xKOpJSTtirckgE5ldxoqRbnYGzXDMtbSEyNkdxDCfUYnizF7xUfxvC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8528cd9a6c54bba3-FRA
expires: Wed, 29 Jan 2025 02:50:08 GMT

GET
H/1.1 200
OK js_0_SX5__25x6QxW4XC-JHbmLkNgvPmxLKSqqz-W76TZs.js Show response
oa-bsa.org/sites/default/files/js/ 20 KB
7 KB 120ms
120ms Script
text/javascript 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://oa-bsa.org/sites/default/files/js/js_0_SX5__25x6QxW4XC-JHbmLkNgvPmxLKSqqz-W76TZs.js?scope=footer&delta=5&language=en&theme=oabsa&include=eJxljUsOwyAMRC9EwpEiEwyiMhmETdLcvlIV9bsZzXuzGIrRQNvp6Spz6tjM6anG1QdSdqCg5LMgkExqp5QtXzIAptapTbr20kzdwSGh1-W1-D_jMpCFF6Pss9VvpPzLM93o7hDS0JWMF65UxEdONMTc-6ehYef-YQwQK83thQ_1z5wr4hB-AOevYQ8

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

0f08cbf3d6fca8cb7b39e7cbdd2cffec5c8a9fc216aa29672105fa547028299a

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:09 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 4987
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 29 Jan 2024 17:37:59 GMT
Server: Apache
Vary: Accept-encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Tue, 09 Apr 2024 02:50:09 GMT

GET
H/1.1 200
OK gtm.js Show response
oa-bsa.org/modules/contrib/google_tag/js/ 895 B
2 KB 118ms
118ms Script
application/javascript 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://oa-bsa.org/modules/contrib/google_tag/js/gtm.js?s81aaz

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

5fc7ab8eca4149765c42bf4d24e3d0bcd4bf564ebe0c47c73a7957ad1ff31737

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:09 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 443
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 23 May 2023 22:01:45 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Tue, 09 Apr 2024 02:50:09 GMT

GET
H/1.1 200
OK gtag.js Show response
oa-bsa.org/modules/contrib/google_tag/js/ 944 B
2 KB 120ms
119ms Script
application/javascript 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://oa-bsa.org/modules/contrib/google_tag/js/gtag.js?s81aaz

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

315ca72ab48ac5d6ce2a22a316e0f872c3791e53af658f250d9f3dcca9badaed

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:09 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 455
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 23 May 2023 22:01:45 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 09 Apr 2024 02:50:09 GMT

GET
H/1.1 200
OK js_mUDtgEmOFJhe5UqAjAzAwoWaUZ1V6fPbLYHZPd2RnkE.js Show response
oa-bsa.org/sites/default/files/js/ 52 KB
16 KB 120ms
120ms Script
text/javascript 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://oa-bsa.org/sites/default/files/js/js_mUDtgEmOFJhe5UqAjAzAwoWaUZ1V6fPbLYHZPd2RnkE.js?scope=footer&delta=8&language=en&theme=oabsa&include=eJxljUsOwyAMRC9EwpEiEwyiMhmETdLcvlIV9bsZzXuzGIrRQNvp6Spz6tjM6anG1QdSdqCg5LMgkExqp5QtXzIAptapTbr20kzdwSGh1-W1-D_jMpCFF6Pss9VvpPzLM93o7hDS0JWMF65UxEdONMTc-6ehYef-YQwQK83thQ_1z5wr4hB-AOevYQ8

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

93cfb7824fb8e9738ce0a3a419ec2f162544bbeb9b604f6ba408c967b7c2d2b4

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:09 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 14256
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 29 Jan 2024 17:37:59 GMT
Server: Apache
Vary: Accept-encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 09 Apr 2024 02:50:09 GMT

GET
H2 200 l
use.typekit.net/af/620bf8/00000000000000000000e7fe/27/ 17 KB
17 KB 55ms
16ms Font
application/font-woff2 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/620bf8/00000000000000000000e7fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cau7wbn.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af

Request headers

Referer: https://use.typekit.net/cau7wbn.css
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
server: nginx
etag: "b5e7c2e377d10b344b022d96a04daef295e61ac1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17052

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 78 KB
79 KB 22ms
22ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4961957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80300
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-139ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tb053eZeN%2FKsh%2BT99ZIM%2B0%2BRyi56OaTYDgK0HkHENEZFiR6%2FU7fXVz9dOsNKAIaHGwloWPYCOiOr6tz0z2v%2F6EFYmc9RCxDhLRgEPVmKz7y8c9UpJT8cKYW6%2FD8YwzEPVKJ84tSt%2FEnsSS4eGzQ57QBC"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8528cd9c0d8bbc03-FRA
expires: Wed, 29 Jan 2025 02:50:08 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 77 KB
77 KB 35ms
35ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6207354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78460
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-1327c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kY7jV6JG0PBOOe32wfZfbMU8rjT0Si6B911%2FprTDB12T%2B1SUrU80SkZeornV1N04QUFdIRVrP2TygyiWJGMtYOm930QiKtfU7hUoQsjUDyJHmXIEsr4IYiythr%2FiK0zYRXv%2FXaTOvLLtTXwLHipZPGQ1"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8528cd9c0d8fbc03-FRA
expires: Wed, 29 Jan 2025 02:50:08 GMT

GET
H2 200 l
use.typekit.net/af/53dec0/0000000000000000000100fe/27/ 19 KB
19 KB 56ms
18ms Font
application/font-woff2 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/53dec0/0000000000000000000100fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cau7wbn.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 56a4cff53dd7285334742e02be3602b6de282a0efa92d6a00283a6232791fbeb

Request headers

Referer: https://use.typekit.net/cau7wbn.css
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
server: nginx
etag: "5a32dd1351457e6d73efccb3add35a1e0966698e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19160

GET
H3 200 glyphicons-halflings-regular.woff2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/fonts/ 18 KB
18 KB 37ms
36ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2531636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18028
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-466c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2JuTZkPOsykIZS%2BLCZ%2Fx2amblxZCuKJr1Nsys2LC8u4GHraKOUl25ESmaM0gmKPaTkS%2BrJYb3cikhRk7mVes6Q3NQwCh6sOPjK0dDU9%2BT2yn9V06yxYQNWp3SBBQ5d1Xe5IqzcMk%2Bmu0X15yrd2Osyu"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8528cd9c0d91bc03-FRA
expires: Wed, 29 Jan 2025 02:50:08 GMT

GET
H2 200 l
use.typekit.net/af/e3ca36/00000000000000000000e805/27/ 17 KB
17 KB 51ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e3ca36/00000000000000000000e805/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cau7wbn.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 97f752f1bdffe4e12de8fe349f77012495c8926f74f64874a3e740960b365977

Request headers

Referer: https://use.typekit.net/cau7wbn.css
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
server: nginx
etag: "4577a8003f294766a3a783ec5fba19dc646ecf7c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17116

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 13 KB
14 KB 15ms
15ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6046672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13548
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-34ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gZlcCjAzA82AEluGDpbf2InsVDb5UsMotOfDX%2FQrJfQlhVTgvw45r86ZEhf%2BFtEf1n9l0e3JA4mkRDG1qwdAbmTs4bYZmuly6qyzXZQtHDVYZU0aBavceJGtj4losdFxWTk6aYfLfaUkPt258%2BzKpAX"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8528cd9c0d94bc03-FRA
expires: Wed, 29 Jan 2025 02:50:08 GMT

GET
H/1.1 200
OK IMG_9504.png
oa-bsa.org/sites/default/files/styles/slider/public/2024-01/ 2 MB
2 MB 335ms
120ms Image
image/png 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oa-bsa.org/sites/default/files/styles/slider/public/2024-01/IMG_9504.png?itok=9gwlAO3J

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

518011591e2e80bdee3f512206cf2e6364b00c1795223e09b694a1f814b4d916

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:08 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Connection: Keep-Alive
Content-Length: 1589656
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 09 Jan 2024 01:27:11 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=5184000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Tue, 09 Apr 2024 02:50:08 GMT

GET
H/1.1 200
OK bsa_action_folio.svg
oa-bsa.org/themes/oabsa-theme/images/ 42 KB
18 KB 121ms
121ms Image
image/svg+xml 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oa-bsa.org/themes/oabsa-theme/images/bsa_action_folio.svg

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/sites/default/files/css/css_j_PuPBaQbhib3zyrSyFXNjpPsAHOHGJYfY4DeD-zHsA.css?delta=4&language=en&theme=oabsa&include=eJxljUsOwyAMRC9EwpEiEwyiMhmETdLcvlIV9bsZzXuzGIrRQNvp6Spz6tjM6anG1QdSdqCg5LMgkExqp5QtXzIAptapTbr20kzdwSGh1-W1-D_jMpCFF6Pss9VvpPzLM93o7hDS0JWMF65UxEdONMTc-6ehYef-YQwQK83thQ_1z5wr4hB-AOevYQ8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

224e91284bd33014f61de31e68d26695a98a28c4d0087fe0f9f9a07e0f395b80

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:09 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 16453
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Thu, 26 Nov 2020 22:00:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Sat, 08 Feb 2025 02:50:09 GMT

GET
H/1.1 200
OK oafont.woff2
oa-bsa.org/assets/oafont/ 12 KB
13 KB 218ms
119ms Font
application/font-woff2 67.227.156.76
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://oa-bsa.org/assets/oafont/oafont.woff2?13972348

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/assets/oafont.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.227.156.76 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

lweb4.oa-bsa.org

Software

Apache /

Resource Hash

dbfed894d068b8d6951883f9efa7ab978a3dfc249fb272f9f366eb2ff83bcec0

Security Headers

Name	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oa-bsa.org/
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Fri, 09 Feb 2024 02:50:08 GMT
Content-Security-Policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org www.google-analytics.com www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com *.hotjar.com *.hotjar.io wss://*.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com *.doubleclick.net; frame-ancestors 'self' *.oa-bsa.org;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Connection: Keep-Alive
Content-Length: 11856
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 07 Dec 2020 23:16:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sat, 08 Feb 2025 02:50:08 GMT

GET
H2 200 l
use.typekit.net/af/5cca6d/00000000000000000000e802/27/ 17 KB
17 KB 41ms
15ms Font
application/font-woff2 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5cca6d/00000000000000000000e802/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cau7wbn.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 36c637ff413145665890a1d52867bfcc8b90767212fa0fae29e71ac09a0ae9e4

Request headers

Referer: https://use.typekit.net/cau7wbn.css
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:08 GMT
server: nginx
etag: "e1f467b1f2cff0ccd8ad9b098801967df8dc108c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17588

GET
H2 200 sm.25.html Show response
static.addtoany.com/menu/ Frame 75F9 716 B
753 B 19ms
19ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oa-bsa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 10463
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8528cd9e3e3d71e2-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 09 Feb 2024 02:50:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CG8YWDv2TuJX%2FFQfs7DPt31D6iIdi%2FZ7EhOvzvPQpkjCWCw893g47xx5sMEYGdPRnJzhS6N6rLhsvalVfMov4wKd2kgyAbWOtu6Lscc%2Bo32JllFge1aDz8qdAdN4k7sMi%2Fml9AVI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.Ep5bSEmr.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 40ms
25ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oa-bsa.org/
Origin: https://oa-bsa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2869
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a995aaed2cd978eb5749462d1dc3635e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEYKIHCyFQYxtyg4hE7HnwTdp1i7YGKhrqmvwT6SoxXhqXboyKezbNG4QYJeG2GW0S0SgLXj9JuTZyCaObxPyM5WrwD4wQsN8hKmrAUNHYXc%2BJjWUJLDN9ZFtpvNjG8XW6XwEo%2FJIKsA2H9hPyutUqlI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 8528cd9e588c03c4-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 195 KB
70 KB 46ms
25ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MRWGPTP

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/modules/contrib/google_tag/js/gtm.js?s81aaz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4fc2416b4e900678b752ac55df588fabc9ba7fd13133d50050e8bfc7c4158b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71558
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 00:03:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Feb 2024 02:50:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
85 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-62BXVHE4NX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRWGPTP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1829e4ffb62b4d61da81248f26994af25eec611768eab23541285906f0110e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87354
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Feb 2024 02:50:09 GMT

GET
H2 200 hotjar-1752421.js Show response
static.hotjar.com/c/ 9 KB
4 KB 102ms
67ms Script
application/javascript 18.66.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1752421.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRWGPTP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-117.muc50.r.cloudfront.net

Software

Resource Hash

3b42858ab82907b2e3b4d0c96045ab8ecdf10f70c2b6b57ba47d9335a043aa41

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
etag: W/2369814b3c7ca17f69061cd3531d79aa
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: pgcVv-WrQO1c0tflCmsk06P33Vg5SclGRwlBe7V3b0rA8lVBFgE3YA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 31ms
6ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Feb 2024 02:50:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: QAlYbVMHeJaLg/klcF41d7TNrjwXDQ7b6aBKTBJSpXalOXIDOSGLNCkU6YgH87tk5JEVrCFjoydG6i561lHvMA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 26124889.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 35ms
7ms Script
text/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/26124889.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRWGPTP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-cache-hits: 57321
date: Fri, 09 Feb 2024 02:50:09 GMT
content-encoding: gzip
via: 1.1 varnish
age: 1380795
x-cache: HIT
content-length: 5579
x-served-by: cache-fra-eddf8230117-FRA
last-modified: Wed, 24 Jan 2024 01:39:14 GMT
server: Apache
x-timer: S1707447009.344906,VS0,VE0
etag: "421e-60fa7215d9480-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-vimeo-dc: ge
x-bapp-server: assets-77db85df4d-dg6pg
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Jan 2034 03:16:53 GMT

GET
H2 200 325895432875585 Show response
connect.facebook.net/signals/config/ 52 KB
11 KB 76ms
75ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/325895432875585?v=2.9.145&r=stable&domain=oa-bsa.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e63c083145cb4d49fd79343ccf955e6fa5bb9579cdfc40a44383c93236516f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Feb 2024 02:50:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: u89lZrIWpBOJAW590AtSD+cuDBYivqtfqLwuLZMgrLqEXWct88x66cRL2YxqaezM4anPSlelBoT+O/KbEFiZew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.fd7a1c20a85f7a95e5ff.js Show response
script.hotjar.com/ 218 KB
55 KB 48ms
15ms Script
application/javascript 99.84.88.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fd7a1c20a85f7a95e5ff.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1752421.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-12.muc50.r.cloudfront.net

Software

Resource Hash

135cc2fb726f9d5ba840faf6e0ff280e2bd7b6b28a2736bd6092c807cfbea88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 167c735142bc0b0bedf2cca27d970088.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 570843
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55316
last-modified: Fri, 02 Feb 2024 12:16:01 GMT
etag: "253d3ab37754a78a185ec9d668fb77c9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -uc0bykWr26IH8ei0kLmqkKTumpIYfXozDyPmxaSnaksMcjnc6HOhQ==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 28ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=325895432875585&ev=PageView&dl=https%3A%2F%2Foa-bsa.org%2F&rl=&if=false&ts=1707447009506&sw=1600&sh=1200&v=2.9.145&r=stable&ec=0&o=4126&fbp=fb.1.1707447009506.528497403&ler=empty&cdl=API_unavailable&it=1707447009376&coo=false&exp=e1&rqm=GET

Requested by

Host: oa-bsa.org
URL: https://oa-bsa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Feb 2024 02:50:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 1752421 Show response
vc.hotjar.io/sessions/ 0
258 B 95ms
45ms XHR
text/plain 18.66.192.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1752421?s=0.25&r=0.1516335992872453
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.fd7a1c20a85f7a95e5ff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-46.muc50.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 02:50:09 GMT
via: 1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: roSvWaa2zsAxTqp8-Kp1xKykC3W7O13LHLD5JcxGDY2ypoWG0pTczQ==

GET
H2 200 browser-perf.8417c6bba72228fa2e29.js Show response
script.hotjar.com/ 5 KB
2 KB 13ms
13ms Script
application/javascript 99.84.88.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.fd7a1c20a85f7a95e5ff.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-12.muc50.r.cloudfront.net

Software

Resource Hash

70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oa-bsa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:32:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 167c735142bc0b0bedf2cca27d970088.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 1340282
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1782
last-modified: Wed, 24 Jan 2024 14:31:37 GMT
etag: "b83b61bc5871e9a23a0434e2c539f4f3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ChSufXA8Bz0tpcQ_wtDNnMat_AFbMF-98JnmoUPhoQTbd8QOqqE0EA==

POST
H2 204 /
metrics.hotjar.io/ 0
70 B 124ms
34ms Ping
text/plain 54.229.70.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.hotjar.io/?v=6
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1752421.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.229.70.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-70-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oa-bsa.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 09 Feb 2024 02:50:12 GMT
vary: Origin

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.oa-bsa.org/	1970-01-21 03:53:27	Name: _ga_62BXVHE4NX Value: GS1.1.1707447009.1.0.1707447009.0.0.0
.oa-bsa.org/	1970-01-21 03:53:27	Name: _ga Value: GA1.1.721125891.1707447009
.oa-bsa.org/	1970-01-20 20:27:03	Name: _fbp Value: fb.1.1707447009506.528497403
.oa-bsa.org/	1970-01-21 03:03:03	Name: _hjSessionUser_1752421 Value: eyJpZCI6ImZiYzQ3MmFjLTQ2YTEtNTA5My04ZWU5LWU4MmI0YzAxZDc5NSIsImNyZWF0ZWQiOjE3MDc0NDcwMDk1MjgsImV4aXN0aW5nIjpmYWxzZX0=
.oa-bsa.org/	1970-01-20 18:17:28	Name: _hjSession_1752421 Value: eyJpZCI6IjlkMDcxZjJiLTFiMGYtNDgxMC04YWRjLTc0OTk4YzkzMGYzOCIsImMiOjE3MDc0NDcwMDk1MjgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-62BXVHE4NX&l=dataLayer&cx=c(Line 134) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-62BXVHE4NX&gtm=45je4270v880949104z8831311340za200&_p=1707447009225&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=721125891.1707447009&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707447009&sct=1&seg=0&dl=https%3A%2F%2Foa-bsa.org%2F&dt=Order%20of%20the%20Arrow%20-%20Boy%20Scouts%20of%20America&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1764' because it violates the following Content Security Policy directive: "connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net".
other	warning	URL: https://connect.facebook.net/signals/config/325895432875585?v=2.9.145&r=stable&domain=oa-bsa.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' .oa-bsa.org www.google-analytics.com www.googletagmanager.com .hotjar.com .hotjar.io .vimeo.com .vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net .createsend1.com; style-src 'self' 'unsafe-inline' .oa-bsa.org fonts.googleapis.com cdn.knightlab.com stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' http://api.oa-bsa.org api.oa-bsa.org www.google-analytics.com .hotjar.com .hotjar.io wss://.hotjar.com use.typekit.com www.google.com use.typekit.net performance.typekit.net www.gstatic.com cdnjs.cloudflare.com static.addtoany.com www.instagram.com api.instagram.com ajax.googleapis.com maps.googleapis.com createsend.com .doubleclick.net; frame-ancestors 'self' .oa-bsa.org;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
extend.vimeocdn.com
js.createsend1.com
metrics.hotjar.io
oa-bsa.org
p.typekit.net
script.hotjar.com
static.addtoany.com
static.hotjar.com
use.typekit.net
vc.hotjar.io
www.facebook.com
www.googletagmanager.com
146.75.122.109
18.66.192.117
18.66.192.46
2606:4700:10::ac43:2794
2606:4700::6811:180e
2a00:1450:4001:811::2008
2a02:26f0:3500:16::215:1484
2a02:26f0:3500:16::215:1495
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
54.229.70.208
67.227.156.76
99.84.88.12
99.84.88.120
0f08cbf3d6fca8cb7b39e7cbdd2cffec5c8a9fc216aa29672105fa547028299a
135cc2fb726f9d5ba840faf6e0ff280e2bd7b6b28a2736bd6092c807cfbea88c
1372bbef768c768a005e4a15eea76616bb9be9a1b573590c71907c8d6a3d911c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1fa07c7b3d5be82fe8b59736e15142177b55f87ed60da62f1e83316d79c360af
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
224e91284bd33014f61de31e68d26695a98a28c4d0087fe0f9f9a07e0f395b80
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
2d0425cb7c65edc43732b5148489bc6da94895a3f747db13f88ae22e970b254c
315ca72ab48ac5d6ce2a22a316e0f872c3791e53af658f250d9f3dcca9badaed
3362b7abc923874bb97e64390200b1719e2d20f786b321803a72b1818961a1fd
36c637ff413145665890a1d52867bfcc8b90767212fa0fae29e71ac09a0ae9e4
3b42858ab82907b2e3b4d0c96045ab8ecdf10f70c2b6b57ba47d9335a043aa41
4233d20e2ed04cc0407f293250823004c3f04ff1062da57d5e63c6c896fe8e2a
42dd34242ab5a0236fc47b19e0d8e556137769c3283f2c788cabf203d4d9e61c
463f8653b10cc6f374fd92501ea02453e4cc777e3226221ced5fa94d391fd01c
4731b8a634b63a5ca0c723609f150710c2689b602b17499dd90499303bd94ee5
4fc2416b4e900678b752ac55df588fabc9ba7fd13133d50050e8bfc7c4158b8e
518011591e2e80bdee3f512206cf2e6364b00c1795223e09b694a1f814b4d916
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
56a4cff53dd7285334742e02be3602b6de282a0efa92d6a00283a6232791fbeb
5fc7ab8eca4149765c42bf4d24e3d0bcd4bf564ebe0c47c73a7957ad1ff31737
652969abb039a1406bc8bd97185624ddc3c0c6e1901c1cfb328b4cdbdd2260f6
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44
6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
8bfa734b8ed57b82fbd2393ca63abc0eacd1d926fa6aa19999068d0a0e2650d1
8e63c083145cb4d49fd79343ccf955e6fa5bb9579cdfc40a44383c93236516f0
93cfb7824fb8e9738ce0a3a419ec2f162544bbeb9b604f6ba408c967b7c2d2b4
97f752f1bdffe4e12de8fe349f77012495c8926f74f64874a3e740960b365977
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b2ca0b9ae1caf5cfda7f8ae49115a714ec9357739d3b8d2a384269ff57712447
b84bca124733d746ecffae48c9bcd3d4f576c5d80c3de3de4cdd989fa88da114
b93d292c602a82568fbbf548947b8eeea8c11f9d6fa9be1b964e691517090e7d
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
bf4522fa322e5348244313f6dfb15f661435faeb84cb9bfed27442da3544fc6e
c1829e4ffb62b4d61da81248f26994af25eec611768eab23541285906f0110e3
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
dbfed894d068b8d6951883f9efa7ab978a3dfc249fb272f9f366eb2ff83bcec0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

oa-bsa.org Open in urlscan Pro 67.227.156.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

50 %IPv6

11 Domains

14 Subdomains

14 IPs

3 Countries

4358 kBTransfer

5493 kBSize

5 Cookies

16 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

oa-bsa.org Open in urlscan Pro
67.227.156.76 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

14
Subdomains

14
IPs

3
Countries

4358 kB
Transfer

5493 kB
Size

5
Cookies

48 HTTP transactions
0 data transactions