www.winonaorc.org Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://winonaorc.org/
Effective URL:
https://www.winonaorc.org/
Submission: On January 08 via manual (January 8th 2024, 10:40:54 pm UTC) from US — Scanned from NL

Summary HTTP 134 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 16 domains to perform 134 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.winonaorc.org.
TLS certificate: Issued by GTS CA 1P5 on December 14th 2023. Valid for: 3 months.

This is the only time www.winonaorc.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 48	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.92.193.128 52.92.193.128	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
6	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
9	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:5db... 2600:1f14:5db:eb00:2d80:95cc:4e53:ea1d	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	54.187.207.172 54.187.207.172	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
2	35.167.14.230 35.167.14.230	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
134	25

9 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

winonaorc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.winonaorc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.winonaorc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.193.128 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb00:2d80:95cc:4e53:ea1d (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.207.172 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-207-172.us-west-2.compute.amazonaws.com

crm.bloomerang.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.167.14.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-14-230.us-west-2.compute.amazonaws.com

api.bloomerang.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	winonaorc.org 3 redirects winonaorc.org www.winonaorc.org	3 MB
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	2 MB
13	gstatic.com fonts.gstatic.com www.gstatic.com	209 KB
9	userway.org cdn.userway.org — Cisco Umbrella Rank: 7457 api.userway.org — Cisco Umbrella Rank: 6974 cdn77.api.userway.org — Cisco Umbrella Rank: 10657	62 KB
8	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 306	80 KB
7	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 static.doubleclick.net — Cisco Umbrella Rank: 371 stats.g.doubleclick.net — Cisco Umbrella Rank: 184	2 KB
4	bloomerang.co crm.bloomerang.co — Cisco Umbrella Rank: 187785 api.bloomerang.co — Cisco Umbrella Rank: 230958	21 KB
3	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	239 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
2	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 5670	11 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 98	2 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 193	10 KB
2	google.com www.google.com — Cisco Umbrella Rank: 6 play.google.com Failed	39 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	140 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	89 KB
1	amazonaws.com s3-us-west-2.amazonaws.com	3 KB
134	16

	Domain	Requested by
55	www.winonaorc.org	1 redirects www.winonaorc.org
18	www.youtube.com	www.winonaorc.org www.youtube.com
9	fonts.gstatic.com	www.winonaorc.org www.youtube.com
8	jnn-pa.googleapis.com	www.youtube.com
6	cdn.userway.org	www.winonaorc.org cdn.userway.org
4	www.gstatic.com	www.youtube.com www.gstatic.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
3	i.ytimg.com	www.youtube.com www.winonaorc.org
2	cdn77.api.userway.org	cdn.userway.org
2	api.bloomerang.co	www.winonaorc.org
2	ajax.aspnetcdn.com	crm.bloomerang.co
2	www.facebook.com	1 redirects connect.facebook.net
2	crm.bloomerang.co	s3-us-west-2.amazonaws.com crm.bloomerang.co
2	yt3.ggpht.com	www.youtube.com
2	www.google.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.winonaorc.org www.google-analytics.com
2	connect.facebook.net	www.winonaorc.org connect.facebook.net
2	winonaorc.org	2 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.userway.org	cdn.userway.org
1	s3-us-west-2.amazonaws.com	www.winonaorc.org
0	play.google.com Failed	www.youtube.com
134	25

This site contains links to these domains. Also see Links.

Domain
www.carf.org
www.goodsearch.org
www.hco.org
www.leavealegacymn.org
www.winonacommunityfoundation.org
goo.gl
login.microsoftonline.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
winonaorc.org GTS CA 1P5	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-08-03`	10 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-18` - `2024-01-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
1667503734.rsc.cdn77.org R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.bloomerang.co Go Daddy Secure Certificate Authority - G2	`2023-09-13` - `2024-09-29`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
1784939676.rsc.cdn77.org R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.winonaorc.org/
Frame ID: D5E6D54A8FEC035C5D10312F13B8032C
Requests: 82 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque
Frame ID: FE116057E73255A101D2148F08D9AAA6
Requests: 44 HTTP requests in this frame

Frame: https://www.winonaorc.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 7BA87C141DBDAB7CA2C10426E45C0868
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfbfd70bf2474%2526domain%253Dwww.winonaorc.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.winonaorc.org%25252Ff131f8a7a676e5c%2526relation%253Dparent.parent%26container_width%3D340%26height%3D330%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWinonaORC%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D500
Frame ID: D37FB8886F7C4A836D24BFDD6CC3707A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winona ORC - Disability Employment Services

Page URL History Show full URLs

http://winonaorc.org/ HTTP 301
https://winonaorc.org/ HTTP 301
https://www.winonaorc.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

134
Requests

94 %
HTTPS

83 %
IPv6

16
Domains

25
Subdomains

25
IPs

3
Countries

5659 kB
Transfer

13442 kB
Size

19
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.carf.org/

Search URL Search Domain Scan URL

URL: http://www.goodsearch.org/?charityid=898909

Search URL Search Domain Scan URL

URL: http://www.hco.org/

Search URL Search Domain Scan URL

URL: http://www.leavealegacymn.org/

Search URL Search Domain Scan URL

URL: http://www.winonacommunityfoundation.org/

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/PBm9l
Title: 1053 East Mark Street Winona, MN 55987

Search URL Search Domain Scan URL

URL: https://login.microsoftonline.com/
Title: Webmail

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WinonaORC
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/winona-orc-industries
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://winonaorc.org/ HTTP 301
https://winonaorc.org/ HTTP 301
https://www.winonaorc.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 84

https://www.winonaorc.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.winonaorc.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Request Chain 85

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbfd70bf2474%26domain%3Dwww.winonaorc.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.winonaorc.org%252Ff131f8a7a676e5c%26relation%3Dparent.parent&container_width=340&height=330&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FWinonaORC%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=500 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfbfd70bf2474%2526domain%253Dwww.winonaorc.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.winonaorc.org%25252Ff131f8a7a676e5c%2526relation%253Dparent.parent%26container_width%3D340%26height%3D330%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWinonaORC%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D500

Request Chain 108

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

134 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.winonaorc.org/
Redirect Chain

http://winonaorc.org/
https://winonaorc.org/
https://www.winonaorc.org/

1 MB
164 KB

473ms
429ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43e39ac0d3f2fbc8369750381952b19e7024cdc19b9fd87b3af6383561133949

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8427f1b5efec6699-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 22:40:47 GMT
expires: Mon, 08 Jan 2024 22:40:47 GMT
last-modified: Mon, 08 Jan 2024 16:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmaqMdaAmfURgQ83TJy8qVvhfY0nyUAHCd%2BHKASDL7LOBJrWdxrMpjBt3y4vChi3O5T4Q8pAwfypNpyG4kMJfykANS4%2BbklZDjwCYRJ%2BK7CLbhuq7hjNJHIxDy1J5iuymsJO3HGIJURVVMjgEkX1Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8427f1aff8206699-AMS
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 22:40:46 GMT
expires: Mon, 08 Jan 2024 22:40:46 GMT
location: https://www.winonaorc.org/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hXQ51MZRItsp7wc7PrsgtP4nHGxjHUxNBHQ0Ox7xULM8%2FGWd4AXhwLxyhLWMJvQCZzdUxFdu4aC93Nt0ajKGHistoU0Lg8m3Nf9VPorLcGwOhmvUwc95Mdl0HXPo6%2BgmaJ1rWlmH0iNMIFJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
x-pingback: https://www.winonaorc.org/xmlrpc.php
x-redirect-by: WordPress

GET
H2 200 cleantalk-public.min.css
www.winonaorc.org/wp-content/plugins/cleantalk-spam-protect/css/ 1 KB
965 B 351ms
350ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.24
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2d01a28284207ea1bc9976244daa182379ac4c1cc50c22e0d3302bbf9b922f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Dec 2023 18:01:41 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: text/css; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:47 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZGJIfSycVbj6Cn4224MC5guvI1bk2VD%2BW2bN6TKsI%2BANPLw9uonQNmlBVXQ3F2ZufRGy4M5s%2BvOZ2JVo9qfzYc7IMUIrDvy1HnknXSD9o6SzQfkn0aEx8dW6uEmahfcB%2B28smzfgs7kgT3p6vSYnw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1b8ab7b6699-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:47 GMT

GET
H2 200 comment-form.min.css
www.winonaorc.org/wp-content/plugins/fusion-core/css/ 1002 B
644 B 354ms
353ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/plugins/fusion-core/css/comment-form.min.css?ver=5.11.3
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d1e8ba43288eb8319b19f3dc2f0b6574c9ca75bd86446ea3e03d33c8e11d97e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 16:34:38 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: text/css; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:47 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRdZ6ZgiIcLqDwVDPWgjmmBW4lNpR7EfErtgaBieKzhSSLeTL0gNkaiemuP5cX4eNZTB5Cgqryiu9sxXSxXu4lMRR8htQeFhiCCCQ9DcKC4iqINlwHR4RVRQbLpFrY0MI6kfnwB2cppAB7BH9coWYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1b8ab7e6699-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:47 GMT

GET
H2 200 privacy.min.css
www.winonaorc.org/wp-content/plugins/fusion-core/css/ 190 B
401 B 382ms
381ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/plugins/fusion-core/css/privacy.min.css?ver=5.11.3
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfe6a3f843b860791246f5fecc87feeeed4dd67c22e4da268d1f15a19c3f9ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 16:34:38 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: text/css; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:47 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXjSdIk2ClG6F1rtBAmQjEz2QeBWHEBaUwtBH1gvqy1n%2BJvII%2FZYB%2Fbp8GxhXNzXb4vbwk2gMVyMIL%2BmGrN45ajkHY1iGEau9BdOWZS59111MWmsUowjpvuGLSmCR%2F4J3PiyBqtLXDsQ4PbeFB94Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1b8ab816699-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:47 GMT

GET
H2 200 faqs.min.css
www.winonaorc.org/wp-content/plugins/fusion-core/css/ 1 KB
602 B 352ms
351ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/plugins/fusion-core/css/faqs.min.css?ver=5.11.3
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f4ad22c0555a3cdace905f9db3c19684531234f535d8c68f47de0559aee8153

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 16:34:38 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: text/css; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:47 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGRmNIopSIerUIeA00TnU%2BAb73LhTcaojlPyazJx1rQUV3iv9HQhHm7IEc2jtVcOqpUdSNX3O9xNX8Sh7gzF5Qp2nRRvP%2BKWIKG0FSS20WXrWKAvSjcz2uj5hMq3rHTYqCar1VuMI0Sv7bhfyf%2Bxcw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1b8ab856699-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:47 GMT

GET
H2 200 portfolio.min.css
www.winonaorc.org/wp-content/plugins/fusion-core/css/ 7 KB
2 KB 383ms
383ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/plugins/fusion-core/css/portfolio.min.css?ver=5.11.3
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c16f1dd35ecb4ed981b2b5b6cd9daf8d43175c971b4896da626dcfdc344fe412

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 16:34:38 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: text/css; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:47 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O55UJCAX648OaePx0pb940iC%2FOCDZ73RScY0aE8droqAKc5HZE462i3itFryrFh70tRsDVNWwX1v3xtv6DGpVpgS3A1y0Yu0dvkATJwWSPifiUrXJOM9ea3jM58%2Bi6Cvzrc0NNP9l3%2B5LbfX4y2SxA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1b8ab866699-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:47 GMT

GET
H2 200 style.min.css
www.winonaorc.org/wp-content/themes/Avada/assets/css/ 67 KB
14 KB 474ms
473ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/themes/Avada/assets/css/style.min.css?ver=7.11.3
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76a398d5161af915d8d99b6f283d02ce65819e9b46faf78262ceb70d8df444f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 14:46:07 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: text/css; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:47 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Svepc%2BhyQr3ao9DZn4NxVrZWjPOuvEEyaVfTQYrk24hTmgTWCjp48SL58npYznKYNl8NKQdYyp3oe8uytfky7fo0MxTphqG0LY44dN%2FNVRRbBRVNBbDDIIMpE6CnIWjge0lpZBZrH3fPE6w%2F1LZHcg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1b8ab876699-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:47 GMT

GET
H3 200 style.css
www.winonaorc.org/wp-content/themes/Avada-Child-Theme/ 186 B
761 B 382ms
381ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/themes/Avada-Child-Theme/style.css?ver=6.4.2
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dc50d424a96415697f26f2c39b67c70b10e8a95fd108b4d981aafe222392cf2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 15 Aug 2019 17:14:21 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: text/css; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:47 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6K7KKPkxfbvwE5Aek7N1qQsm7za25FNFPdqK5gthpERnxkfX4RIAee4FNN4pOZdARd%2FFAOKBo4b%2F7RE990gRPBZPg0Az0tTCiyA4a2u4%2Fcz4WeEXQiJSDgC%2F9FHKHNhDf0thAza4%2FeVwPTf0voiEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1ba1f18b89d-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:47 GMT

GET
H3 200 tabs-lg-min.min.css
www.winonaorc.org/wp-content/plugins/fusion-builder/assets/css/media/ 2 KB
1 KB 357ms
357ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/plugins/fusion-builder/assets/css/media/tabs-lg-min.min.css?ver=7.11.3
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1effd60a530a600aa7f9c5929d7ead47d22d8f8f83ef9c862c754a073febd4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 16:34:34 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: text/css; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:47 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvyrnlQpz5geWEIQNH5VE1P5Q6SHC5kZRyah2qrXR198ngVcGh3NlAeeOMOxtW4%2FgcVnrwTnuu4%2BdhVc7QsNNWbj3XkMhl5tVoT9gu6wZ6siz3x%2Fi8i9FeZpIF%2FAVPU0u7XlPnkdI49k3RUO6YIr7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1ba1f1cb89d-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:47 GMT

GET
H3 200 min-shbp.min.css
www.winonaorc.org/wp-content/themes/Avada/assets/css/media/ 48 B
689 B 355ms
354ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/themes/Avada/assets/css/media/min-shbp.min.css?ver=7.11.3
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 384fa64d32900e7432daca62423b70db95397356960e534150de25374e792236

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 14:46:07 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: text/css; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:47 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ngGoQWhImtapTRyS30UTCWteKpRAzWx0KjjOkSPQdsx4D6XF2sPs337wG95bSFj4h24W7qfGJj73YOQKnpBH0curyJ7hmhviV1sWk4Za9iMlr7RYXxVK0pCLxnLfGvm96qHHH4HYeQbq5uhtUL5xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1ba1f20b89d-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:47 GMT

GET
H3 200 min-shbp-header-legacy.min.css
www.winonaorc.org/wp-content/themes/Avada/assets/css/media/ 4 KB
1 KB 355ms
355ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/themes/Avada/assets/css/media/min-shbp-header-legacy.min.css?ver=7.11.3
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: decddadd9d299db1b6532cc40a6962ab172b7828744e195ff17022ea2dddd014

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 14:46:07 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: text/css; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:47 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fE%2FLguuWtEnc4yUU0iv7yFFI1BrtsS5g8rrvb1NuFfzc7K5cqh8dZeWCRNGiPA22vjuDRgv4xcWqHJod8GR5SyCoaBe4V3YUo8PvSW12PLVtsfDWO%2FzuTN%2B1pCT74UAGPEIWr%2FeC61D%2FWq7pHjXImQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1ba1f22b89d-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:47 GMT

GET
H3 200 min-sh-cbp.min.css
www.winonaorc.org/wp-content/themes/Avada/assets/css/media/ 1 KB
947 B 348ms
348ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/themes/Avada/assets/css/media/min-sh-cbp.min.css?ver=7.11.3
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76dc7837c8ab5206c96741447dd101a493c0a019f05d9c1f4e3b4e6c7faf7153

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 14:46:07 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: text/css; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:47 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gA9fwHAcEOaB%2Fm8AQg8pYcqnwwKU0qSQW9bhXpus91ug8FVj%2FJuZMJDD3v4gFIJHjVO5DTn0kf%2BWnbIRhG6O5UYvQow08csdoh81iI3UuZcenknqnb9yUkUoq97LLYWyI%2FABTRoXsTovt8ElMBD%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1ba1f26b89d-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:47 GMT

GET
H3 200 jquery.min.js Show response
www.winonaorc.org/wp-includes/js/jquery/ 86 KB
31 KB 460ms
460ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Dec 2023 14:27:56 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: application/javascript; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:47 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOU0nzK1c6U5X8nCpE4dg8o15pRaO%2FXkQ5cQHHGW47RG3cPOiyJsAmBesDMdmnslKQ6iC22YBiAjI78laDuOf0JtRIlt3WLJZwHsKdwZTXwMcnWT%2BiWZV2rQ7%2BoUJ7hfABpHA1AXrNpN9pS00sqcsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1ba1f28b89d-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:47 GMT

GET
H3 200 jquery-migrate.min.js Show response
www.winonaorc.org/wp-includes/js/jquery/ 13 KB
6 KB 381ms
379ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 18 Aug 2023 14:28:04 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: application/javascript; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:48 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2u%2Brvls8dpw%2FjHBtDVy8YlHT20bUmw2%2BXJ7pMAeqWxT58BU3J%2FpyPnxk9Pr973I0j0dzbTkVS%2Bb9eoz1JyZQXvU0DjcK7enR%2Fb%2F0v%2BCI9sYj%2F92P8UGKvG4iWyEPTWbtxSHSnXwZ0RmGwD%2FWqse2Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1bd2b0cb89d-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:48 GMT

GET
H3 200 apbct-public-bundle.min.js Show response
www.winonaorc.org/wp-content/plugins/cleantalk-spam-protect/js/ 64 KB
17 KB 480ms
478ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.24
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64928c9160e3e4303fd9f1181ebead34b9070e21c7370d4704a15758b837bccb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Dec 2023 18:01:41 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: application/javascript; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:48 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3LoALRM%2Fcw00eQX%2BG5ppLq0C2WtDtv%2BPsDRF96UwbZbk%2BDj8jkjafVyvM5xFklJaCvcH4S%2Bcq0aDDE62jszwtzn0xOJwgzaulT4rUKtYdO%2FvTAecvU0%2FhwbomtNObtB2eyVmE9K2kDNs7fCPOtNnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1bd2b0eb89d-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:48 GMT

GET
H3 200 wonderplugingallery.js Show response
www.winonaorc.org/wp-content/cache/min/1/wp-content/plugins/wonderplugin-gallery/engine/ 233 KB
36 KB 501ms
499ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/cache/min/1/wp-content/plugins/wonderplugin-gallery/engine/wonderplugingallery.js?ver=1689172682
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea51716bfe8c6b4e39afb3c220d20fae9fef606b567c6db5d4a0261db29e5285

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 14:38:02 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: application/javascript; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:48 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSojEwUjFCIzl3XDDKkx72RKG6HIr%2FuZ4sPlNRdhUWpHQ4YNiQtaZzBBaac6H%2BZrls4KAZaJ6QaM8q3uwPgxlVRkEWG7yg0brYWzHLv9ygnZrXFRCQTNErD0bzLL93Dne4iI22daD9s%2FpcHkVBQw4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1bd2b10b89d-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:48 GMT

GET
H3 200 CD0C7582-B4F9-4878-91A9-27B096A44BF8.png
www.winonaorc.org/wp-content/uploads/ 48 KB
49 KB 538ms
538ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/CD0C7582-B4F9-4878-91A9-27B096A44BF8.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b53df7f50858f5ac5978f624e27c136ae0dfdc5ebd9288ad7af7e9d2a2d88d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Apr 2023 01:18:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644c7053-c1cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wnb9iR1ClDHrabQVqhfOic6w11NwRtUMozxEJYaCHdcbI1eBfjQ0orH6EA63Kw1wWtzQ8E30OwSM6Z9NQODOe0pF32pVncvdcZc3KOdUTIIfkMXUs0h6NsvLAPJOWrCfBQWv52mwQ3KUAJlbxGqqIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1ba2f44b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 49615

GET
H3 200 carf-logo.png
www.winonaorc.org/wp-content/uploads/2019/06/ 107 KB
107 KB 621ms
620ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2019/06/carf-logo.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 580faa05f77e8a818dc7da9fb684419cff023e0090a7d101d0b8da108b239257

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:40:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558af0-1aaec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgxTY%2FL1Xy56tVcvo1O43lXDgni6cTDvwN6RYWLrNf9fZnp5bLMm375I44NfhyFrNL3plzq1Q9GwKwBqqr8wxFpSYFxxaUkeffwj7ltghzkF%2FKaXEN%2BmU5IbEO%2FccgimPfdl8GpnxOwVw4DqBCOo%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1ba2f46b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 109292

GET
H3 200 cropped-CD0C7582-B4F9-4878-91A9-27B096A44BF8-1-400x264.png
www.winonaorc.org/wp-content/uploads/ 10 KB
11 KB 427ms
427ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/cropped-CD0C7582-B4F9-4878-91A9-27B096A44BF8-1-400x264.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ace4890e3be1dfa552f2137045e75834c335c5111845063eec2e5b45d421a264

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Sun, 30 Apr 2023 16:24:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644e9636-285d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmbSXQEfSyr9aTyEOJZIMR1Nm430mnQP%2BwGQnmUt12bg03ftRTcCCTPHqILOcFcDo7mDRXyl9Nir1D3dFQOtBYq9nFRV1pB3CN5Y79uabko4EC64DB6VjCoMYsT6MhgcMOWmlJm%2FqaDiWRAou81lhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1ba2f47b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10333

GET
H3 200 icon-communty-services.png
www.winonaorc.org/wp-content/uploads/2019/04/ 7 KB
7 KB 377ms
375ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2019/04/icon-communty-services.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6422e4e63bb63a863317d5f0149c5d7bcf3f386bb1aa538c67a65add726dddfe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:40:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558aeb-1a02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orLUgA2hd89wo92HwdJdHvEyv%2Fb717SATWxOY8k71JQW%2Fw0xRF6MSGbBHYWJdO7yQiUjYF8V%2BVRR1%2FzheHIP%2BkBxJ9mIImZZvJDBRI6qlD%2FKQ4znIMRshARsGOD7nM0GACyJMpZXn7xPjFMaJUCRWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd2b12b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6658

GET
H3 200 icon-shredding.png
www.winonaorc.org/wp-content/uploads/2019/04/ 3 KB
3 KB 334ms
331ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2019/04/icon-shredding.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65ac8a94ea1135a6a727126ac61d558c2288acbcc4b30b5a3043c2a3967e9507

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558ae9-a8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tujw4toPP%2FXGHR6fqOnVh1uW6%2FFeEqeNC12rgiYhjGkuKNz%2BCu7vd8tV2KB56VS4OQ3K9JDs3XKa6be7wGOf8hNvm71c8KwQKd0HST8ZYJHvapJldUJB0pe8KToauPza8mzahzTiN%2FzGzRSLU3OxRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd2b13b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2702

GET
H3 200 icon-laundry.png
www.winonaorc.org/wp-content/uploads/2019/04/ 10 KB
11 KB 439ms
436ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2019/04/icon-laundry.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cc250776990501d210a3923741bc1911d46ad20febf501962b8d29fc36363de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558ae9-28a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkjOWnn7DpkoQ%2FtZOH%2B2vR7S6o5x4LmN1rPqRBi0EpVJ4kuJv3HBLJ1PnyaEdb1OibGOFc5zzj71HO0fDSE6ST0wj6%2F8j%2BqF7xvD36FDpuGz%2Fk1U8DtlNVCbFbVxAlBRWwE4eJ%2BRzIx4jtSgpobo3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd2b14b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10403

GET
H3 200 DSC_0260-400x265.jpg
www.winonaorc.org/wp-content/uploads/ 27 KB
27 KB 427ms
427ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/DSC_0260-400x265.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a57817fa0fb9250c04898b68e4fcce6d5040be3742c40280a7ab22df9a8a591

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Feb 2020 20:46:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e4c4d3c-6a1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EizQFALr9Dhr8Bm56zZEwkUskSr02J2agF%2FAIKCbObHlGoW8hqzLTi%2BuoGxVV2p9902t1mIgOOcgD%2Bk42LiDMVxhlEZpCqXalpIbfr59%2F4iJ%2FIK19puhElJ6TNzxck26vXEmw0kxFh2biiP4PPD6cA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1bcdaa6b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 27166

GET
H/1.1 200
OK 3640320.js Show response
s3-us-west-2.amazonaws.com/bloomerang-public-cdn/winonaorc/.widget-js/ 3 KB
3 KB 573ms
222ms Script
text/javascript 52.92.193.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/bloomerang-public-cdn/winonaorc/.widget-js/3640320.js
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.193.128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2f9893a01b354baf9e0f72815180c6b5cd979567078c4ebe7f4e8720f56c62ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 22:40:49 GMT
x-amz-version-id: 9hETR2emQCUKDeTpEBnfFTlB1AI4dzUs
Last-Modified: Wed, 27 Dec 2023 02:37:11 GMT
Server: AmazonS3
x-amz-request-id: K60XP2TW0R70SHM6
ETag: "1315796a5fe4f1ac748980db0cddf372"
x-amz-server-side-encryption: AES256
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 2883
x-amz-id-2: gyZiXRUuO8TGpZ1r1iUxCeC/FpZSZxWNb+9ECDl5SRg0JY5I82uWoyiqKsOSTqT0V+EQ9GUkWNc=

GET
H3 200 DSC00945-400x300.jpg
www.winonaorc.org/wp-content/uploads/ 22 KB
23 KB 489ms
487ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/DSC00945-400x300.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ff84c5fa38aac57cf155116315b572cffaf2fd82ca2cfe5277648de2a808020

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Jan 2020 19:45:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e308f77-593f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6GtvZEvtIQdX9w9zprJ%2FZc9d7V0Eyfdi5l9x15xB1MNV4H9AvQHkeK%2BXe7v1Bm8KdMqUL2hwVOIengmT6xsoP2wKAB3kxerCTn1aToox%2BQ%2FjvuG%2FO3fa5Q0Pi1grkkGXQG48G%2FLsscTB9ULoXjOOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1bd2b15b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 22847

GET
H3 200 Picture4-1-200x202.png
www.winonaorc.org/wp-content/uploads/ 20 KB
21 KB 488ms
486ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/Picture4-1-200x202.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e03e07d3a58bf6e815b58ad87cb6c69b9a958e743f55d37d02f900051a24518

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Aug 2020 20:32:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2dba5e-51db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85zteGMWspxBuYi2TMUGfThAFjERPTtAlAHkuJ92nB8Qs1DZc8bs1Bs9qCyhGUdAWYPq%2FHS5sHqWZM%2F6%2FJczG6gKVk6D9qAkUhh0DcSJ%2Fxlb7YsPRHaFLkUAHJX1c8zdivqQ35HeXpgitpm%2BUt5mnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd2b18b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 20955

GET
H3 200 2020_45Year_MiltonT-1-200x200.jpg
www.winonaorc.org/wp-content/uploads/ 10 KB
11 KB 435ms
433ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2020_45Year_MiltonT-1-200x200.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c297350062a04c410eac01ca398277a1d8106bc548d5e164d1b05b2d9028f162

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Wed, 23 Feb 2022 20:11:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "621694e1-2943"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OmHA5amqRmapSGXePEGOu2O8Pkb3jj%2FH5cGtJdQ%2Ff9ZXtdDKZj4QrVXbL%2F5kTgookmR65TAYBD2IMRV7o%2FtUMOKVPUg59ZpUACwNdkGKwynnIC66Xv%2FnrjxJ%2BWOv76SscTTDGZPRlHj5DX2h3Tz3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1bd2b1ab89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10563

GET
H3 200 Support-us-1-200x87.png
www.winonaorc.org/wp-content/uploads/ 8 KB
8 KB 400ms
399ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/Support-us-1-200x87.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbbab26ec105a65a124aac0809b45dc1160233ccb2da08063c03ed24e6401a59

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:47:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558ca9-1f7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtB6w%2BBThF0KuDkNWSoEK8zNHljsJLvTMP1v5opvYYZFn%2FC3dvOZTfJpN8Y05siQwWdIgPpYymbkStM7LnzQhwvd98NAC1uLBIXCLv05m%2FecgxgbBnxZRrd8vAJ14KXksZ1saWVKnsHGWojyQKi7Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd2b1bb89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8059

GET
H3 200 Picture3-1-200x198.png
www.winonaorc.org/wp-content/uploads/ 20 KB
21 KB 430ms
428ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/Picture3-1-200x198.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12eefc8413913945259c16d5999947454bbfaa75d63daf202fe74f3edc7caa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Aug 2020 21:15:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2dc480-50b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e023uwM9kk%2FjFlSrLqEBmXSrxQfFsiCKIP18J8U79pivPTptHcc5GpVyZzD3Yx%2FNuJ55gGHzz1lRJt5bOeyLjVVUsO95KgHSY2Z0C6muIjCiARTEhivgmizBkJ551iSKk%2Biz5E%2FlA9S0INSYWhjv7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd2b1cb89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 20661

GET
H3 200 partner-carf-international.jpg
www.winonaorc.org/wp-content/uploads/2019/04/ 35 KB
35 KB 474ms
472ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2019/04/partner-carf-international.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 384deb95ef696c4cfe15e0c486ba1f74ff5c78b4f828f19d7c76b7826e6102ec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:40:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558aec-8b4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hHj%2FAetDyQOwPZtRte8rgSCwpYCPv7yhgkAe4dJ9oM1gssUQf8Bj7YH6T5kA%2BKVfSA8iKaxggsTS0AhP%2B%2BpqxifURIpLj9F0Ex%2FCrPIKjDeQ7jCEsV27nvZM03qSc%2FQEIABZAuy4mR%2FSMxJ8mq86A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1bd2b20b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 35662

GET
H3 200 partner-good-search.jpg
www.winonaorc.org/wp-content/uploads/2019/04/ 14 KB
14 KB 436ms
434ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2019/04/partner-good-search.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b99115a5a835174818d047a59f5a3faf7f8288cf7da97ac3f613d1803e648cfb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:40:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558aed-3775"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkDbFzbDVGnggaVNC70HWSLQ2v%2BsFxlK%2BtP81bRZjkiOFeVyDaTjdPVd4NdyFnL42LyimjFnSMJtUSsyPKYDhL%2BMrCkCdX6fU0zIc1JEqtQjyYV2H4ZpfgIjsBlRx43L9BSLnO8Lalj4CQ0EpKbSbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1bd2b21b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14197

GET
H3 200 partner-home-and-community-options.jpg
www.winonaorc.org/wp-content/uploads/2019/04/ 14 KB
14 KB 435ms
434ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2019/04/partner-home-and-community-options.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc83f02f14dc0479b76ed87f194714589b19f0caec1c584e8b62dc2788d162e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:40:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558aea-379f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azch7whFwqYZfJF5wtCXQYHXILIw9lD0w9P8Qp09C0JfRM1DOHNrq2%2BBeYUATDtqyPypk%2Flp3We5ARAkphWHhKUXUBOG%2Fgziq9lqBSaf4oLXyfiiPSu%2FF2EzeYRB5t2Xf%2BUqbkcgtkSUpj%2BcK8JRMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1bd2b23b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14239

GET
H3 200 partner-leave-a-legacy.jpg
www.winonaorc.org/wp-content/uploads/2019/04/ 10 KB
11 KB 437ms
435ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2019/04/partner-leave-a-legacy.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00650b5549227f117e06861ccb970252994b45ca48b71987b176946b9ce7ebe4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:40:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558aea-2865"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocNDN%2Fcl3bnb%2F%2BqY6we%2BCTAh4iXhYSnzCCLR%2Fo3UaK1gfGYF3ZmOfjAUTMRd4dC76ipTBziaFn1gw4LeXiEXOwG6GhzHJhg1fvPq7J2lAODH3RGEy3nt6AF80mykYkFUosTFKpHu93r1on3poWs%2FQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1bd2b25b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10341

GET
H3 200 partner-winona-community-foundation.jpg
www.winonaorc.org/wp-content/uploads/2019/04/ 16 KB
17 KB 130ms
129ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2019/04/partner-winona-community-foundation.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 245908466e825afeb2ec2c333a4c68d48bf2296bb582baf2bfd199f6fcc645f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:40:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558aec-40d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3GVaHBJm5Vc0evAmbEchytHhEfDceq0wNMcizKjRyTFDwQfEtM9uzOFQfykToD9Sqz6OeBCUqdlVfVj8JkaYVz%2BWoe5F9xod0Q6Jr5zIPb1FSpcSkR8bz33mYhkKonz3DGyOXWvcy8zXMZhdILcmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1bd2b27b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16599

GET
H3 200 style.min.css
www.winonaorc.org/wp-includes/css/dist/block-library/ 107 KB
15 KB 519ms
519ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Dec 2023 14:27:56 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: text/css; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:48 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBgSURsjbUr%2BlD0TW3r2do2Nrefn%2Bvs7THADg8mDQhKD960BhnEXXW%2B71GppGmnBu%2FTv%2B1PvjwlA3kN%2FQo0jZTVm18GuZ4qqOdzcxHrfW1xAiIqG%2FWznoDWmXn3zwthko9Fqxl0ROVhm5jS3RBUOmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1bd2b02b89d-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:48 GMT

GET
H3 200 c5b80c8e7b9046eab56f65f070acd364.min.js Show response
www.winonaorc.org/wp-content/uploads/fusion-scripts/ 565 KB
151 KB 684ms
682ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/uploads/fusion-scripts/c5b80c8e7b9046eab56f65f070acd364.min.js?ver=3.11.3
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c9bdea24629394a62eea7cbb27da2766628a9e4868987a958aa63478eeeab7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 16:34:42 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
upstream: Apache
content-type: application/javascript; charset=utf-8
nginx-cache: MISS
upstream-expires: Tue, 07 Jan 2025 22:40:48 GMT
cache-control: max-age=31536000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4%2Fn58j8rERL8AQHaNkDnu%2BJdcrmYeje8aI%2FxziMhzRA23k8A%2BN%2Fp3iVr0TqjBbvp7JYKxnsrkuKMqauH0f3WYvO8Ik6SDPHNaAAxN0jmneVRFwfku7BVPnojM4gquN5nyMsjxPVJOjWwtpeAtRqeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8427f1bd2b28b89d-AMS
upstream-cache-control: max-age=31536000, public
expires: Tue, 07 Jan 2025 22:40:48 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 77ms
24ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b3c0f90bbc7aa144d83e4ed8025f79044dd57adf9a0bbc071bc6f2be5a03a02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.winonaorc.org/
Origin: https://www.winonaorc.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jan 2024 22:40:48 GMT
content-md5: N/fKStrINi3niCUdmgNKNg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: ce0Tcntoc8Ssgx9KK7gTQ+mKIDZleDGPLD1U81YdaXQ7hMtRi0Q3cf69H2mgDabUX4B0uUTD1mfqYfBD0+bn2w==
x-fb-content-md5: 2ef3171d82d3cb7e5135adf49d98381d
cross-origin-opener-policy: same-origin-allow-popups
etag: "9c314ac9f19e60336f60ef21e8e89818"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 08 Jan 2024 22:50:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
55 KB 171ms
65ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZ2TQ9

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c59d42902c43d39dacfef123ff907288061d67aae7e4e333f7e01f253bdb8708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55609
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jan 2024 22:40:48 GMT

GET
H2 200 TNPEkIYFY_U Show response
www.youtube.com/embed/ Frame FE11 92 KB
40 KB 160ms
102ms Document
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c90208987aabd1d4e7f8477834c552b8ffb61f0d00723180b5a15f58582e18c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winonaorc.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:40:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 92ms
25ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2c0dd7282a7fec0217e9fa29ff98f2d94079904572a19083ad27f89ec75f8b91

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 08 Jan 2024 22:40:48 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 1957
x-amz-cf-pop: FRA60-P3
age: 598
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704751691
x-77-nzt: EgwBw7WvJwH3pQcAAAwB1GY4AQH3BgAAAA
x-accel-expires: @1704755291
x-77-age: 1963
x-cache-lb: HIT
last-modified: Sun, 07 Jan 2024 08:56:19 GMT
server: CDN77-Turbo
etag: W/"6ecdd2f930d3b8f8cf2b5b10013f8b7d"
x-77-nzt-ray: 25b02131e0733b78f0799c6502216d0f
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: uuZ-gN5jseOqxGC6mQVh37Jq9f1hqBaXnpvMafScDONtvmabQa2VNQ==

GET
H3 200 cropped-CD0C7582-B4F9-4878-91A9-27B096A44BF8-1.png
www.winonaorc.org/wp-content/uploads/ 42 KB
42 KB 524ms
524ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/cropped-CD0C7582-B4F9-4878-91A9-27B096A44BF8-1.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90c1ed86aab1da578f179753cb573ab4ae70d31208b35d917e232f99493f7e5a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Sun, 30 Apr 2023 16:24:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "644e9648-a7af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4urDuomIpfqwgsUOq0pJsDKr6AOy3SKu%2FAG7P02JW9LfqvOkJZRXVZpo7EfZdDLwOHqcI1XJ17BTmteGgyQSLZ6GsKgRSmVxUv755zi%2BGMHUzA4FqLSXZp1LEtzyx2IpM3zKLKbOJfA9CB4hcKk0%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd3b31b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 42927

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 84ms
31ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winonaorc.org/
Origin: https://www.winonaorc.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 00:57:14 GMT
x-content-type-options: nosniff
age: 337414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 00:57:14 GMT

GET
H3 200 ltbluehorizontal.png
www.winonaorc.org/wp-content/uploads/ 534 KB
535 KB 620ms
619ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/ltbluehorizontal.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1baf5184d6ebd0bb5b17f643b689282311a4268956591a2181073de1410e66f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:53:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558dfa-85950"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7Aj3FbeELRSz00WiBs0goaUsUrqELuR8igLsYjcqsDkKWl05mQR615bjOY8W7n3f9%2BAbG8Hn1rExqlbD3MArq6HwU4QzCfuPx80cgcWm5glFWdTmK6oj9zCORqkAnuiaJtvZZbxEilDJQqGPx67hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd4b35b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 547152

GET
H3 200 ltbluehorizontal-200x155.png
www.winonaorc.org/wp-content/uploads/ 12 KB
13 KB 143ms
142ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/ltbluehorizontal-200x155.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a29b205164f04c29d536567c7fee7d6669c6a211ab3da724bdc64a87fe4f5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:45:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558c38-31d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4eYplMc8qwz0irToWlFkT5Iu%2Fbu1UZ2O7EhRDFtmUzykNFfO8MuSiTmX%2FaYVllqVcACNs6Q3t2KOHQkW%2Fv6A2Ht3pp0%2F2JFjjjgwrmgUSUF495Z2pdWwC5pmo9DP2amDS8bOxm4FfXTAFZEPSdDzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd4b37b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 12759

GET
H3 200 custom-sep-top.png
www.winonaorc.org/wp-content/uploads/ 17 KB
18 KB 423ms
423ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/custom-sep-top.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1652a9cab00daa02a1d90f51b1585d124131374755974527680fc5dfc29196ee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 17:09:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d5591d5-4588"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcMypbfl4zioqCsaeYfEYLRmu7kzjstgAtxjnnTmNh5QhTgndPEvbZfDBuZN9YagH17IPcdMXKZyMb7kDJhJy6yPXbK597OCO7xjiZIwdsG0girXPpVNbbL%2FQ8DgcySYucL4n3SdmElKcj%2B1w8fCpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd4b38b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17800

GET
H3 200 Picture12-1.png
www.winonaorc.org/wp-content/uploads/ 119 KB
120 KB 617ms
617ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/Picture12-1.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e97233bb31f796ca019f3dcf244411ca2c3f72aecdd2b56abf6f1a5bf57a403d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Aug 2020 21:30:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2dc7e9-1dcaf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwhcdd6zRkJcWzzlAosLkUNMl2C8yxCrSLGmplJ41hI90YhR6okDJrYSfQ4rvELq6YJb2FUKHiziplMFoEbhiqw5U92MK7Ne8ELeBbXPSQF1VyEWT%2FczFiiNKFHBaxUcBg3Cv0w5B%2F2m79se17bdLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd4b3ab89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 122031

GET
H3 200 Picture13.png
www.winonaorc.org/wp-content/uploads/ 45 KB
46 KB 537ms
536ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/Picture13.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6bc4ba9d89bb5c97949f3559aa4f612bb2f7af9fbe4df6e4551d3d0e0f7393d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Aug 2020 21:29:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2dc7c4-b5be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pq90gwouGEq478Tbu59a5eGW%2Fr2UtwkzlH3vCQEvhWaJsPOGet4lTCly4VaIqIKMM%2Bv%2B1ZmMwZGnarUt97yUThQx2CKNXZ7KepvxV5kJAeiIdGNjXLRwaGp0fhjmGoVjP3EidPgu5LiGGKWiYqXMyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd4b3db89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 46526

GET
H3 200 Picture8-1.png
www.winonaorc.org/wp-content/uploads/ 70 KB
70 KB 525ms
525ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/Picture8-1.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 124ebc0687d2155d3aa486470f532b54c50cab12f635be1a5fae55035d3c1087

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Aug 2020 21:25:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2dc6c5-11769"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kmd1tuapCpumTLXvn%2B7xLokE04h2rVypPdUN3HiQK9sxG7EUl3ONtsXmMmKMAEYLPgcZqLm9%2F3K5k3lImX%2BAFmSQXEt2jptIWZbrYRgNxsMWXNJduD4EDCbQetRnl9jzkTHmctHkDRWdXcwnN%2BYqdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd4b3eb89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 71529

GET
H3 200 Picture5-1.png
www.winonaorc.org/wp-content/uploads/ 56 KB
56 KB 593ms
593ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/Picture5-1.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e729115d654f718132288135bdea639fb78c729d6ad0f9e498a3e6f5e23db1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Aug 2020 21:25:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2dc6df-df0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3s%2Bve3pcHzZxoeNNMdq9l7kQyidDGFD5VO6pSC8hKNbr%2BrdGjE6PgsdL9Pf3bTzTUmebBcsLcfCEBlAkVFu9Qt6QzUzSu9VajIyQ3NJVzRAhM7w6qGamdKSxDngRkLA8nw9IX3mrydnHr4vBRDJZ%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1bd4b40b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 57101

GET
H3 200 footer-background.jpg
www.winonaorc.org/wp-content/uploads/ 39 KB
39 KB 524ms
524ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/footer-background.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 849757b6550f447823bd32cfb13e056339f321012b0db6b63b2d0f8a98899d6f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:45:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558c2f-9b81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJNGVRHvadW8bi%2BbWB%2FdxdtUTFScn9gvzaxNl7OqrpMLWCYkZAVBQVZraj8Oj8npLhBCWqA%2B30%2FsANNJOxD0YduxhQbGjI6ZIqP5mwmSepUtpZW%2BypJFe%2Blc1As3xQ%2FnK2gS8XhNuQMj%2FZtvLFOmeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1bd5b71b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 39809

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 114ms
69ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winonaorc.org/
Origin: https://www.winonaorc.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 07:29:10 GMT
x-content-type-options: nosniff
age: 227498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jan 2025 07:29:10 GMT

GET
H3 200 awb-icons.woff
www.winonaorc.org/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 20 KB
21 KB 429ms
428ms Font
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6

Request headers

Referer: https://www.winonaorc.org/
Origin: https://www.winonaorc.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Dec 2023 14:46:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6570892f-5194"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KooeflpzORc0INFdhDmT%2BvcHcRPjIb8sEBo8MzxnhZvgq4tnxtc4whnZUN5jd%2B%2FPE2iRirRnitfayEkWeQSHj1B3zUTw8e9qHcFBz0YlRQdJNYXKCtkSTBoMbpP%2FeXAaWJlVppQ5nhAnKxbnoBK9vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8427f1bd5b72b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 20884

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 69ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winonaorc.org/
Origin: https://www.winonaorc.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 280887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 16:39:21 GMT

GET
H3 200 fa-solid-900.woff2
www.winonaorc.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 76 KB
77 KB 532ms
532ms Font
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Request headers

Referer: https://www.winonaorc.org/
Origin: https://www.winonaorc.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Dec 2023 14:46:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6570892f-13184"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjpA2%2FZSgkcdDj2g3YHg1ka1NbPSZBt6pa%2FvqWhk1snuzk50Lnh4Sk%2FzblK9yc%2FHpbg1zolM4c4AT6sJLrMYP3kHyKrz3tiopdn0XnpMg203GGIr2AhEST5tE7Fw3ZW7ruXebZ1gwXCXLQg0jasYlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8427f1bd5b73b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 78212

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 102ms
58ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winonaorc.org/
Origin: https://www.winonaorc.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:38:05 GMT
x-content-type-options: nosniff
age: 18163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 17:38:05 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 93ms
50ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winonaorc.org/
Origin: https://www.winonaorc.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:48:31 GMT
x-content-type-options: nosniff
age: 348737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 21:48:31 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
87 KB 24ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=57d76e1d0a2ae5bd4b7077e9bb73b895

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b8f6c03b17cdec0403cdebb72508e91e9e4be0d5f563c8a889a66ea8f80ea288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.winonaorc.org/
Origin: https://www.winonaorc.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jan 2024 22:40:48 GMT
content-md5: /7El6coY5FcraJJ1/qL37Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88316
reporting-endpoints
x-fb-debug: DO/kxDePgsrZIgHD84ZIbtE8Cz+979yW/BIsjpBPcerS/LQZBjFENwfOtBrOnZOx0Oz1sT6XfVuXEMIW9bLC+g==
x-fb-content-md5: 28e5a11ac6ba82be47195ca179edbcaa
cross-origin-opener-policy: same-origin-allow-popups
etag: "bb287efd65f38e12ba10772250a16fbd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 07 Jan 2025 21:00:40 GMT

GET
H2 200 widget_app_base_1704617626703.js Show response
cdn.userway.org/widgetapp/2024-01-07-08-53-46/ 138 KB
41 KB 77ms
25ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-01-07-08-53-46/widget_app_base_1704617626703.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 843232c6c8d98c7034683609b8aad1a1288b24c796055c3973d37b7be5959f36

Request headers

Referer: https://www.winonaorc.org/
Origin: https://www.winonaorc.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 08 Jan 2024 22:40:48 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 135188
x-amz-cf-pop: FRA60-P3
age: 597
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704618460
x-77-nzt: EgwBw7WvJwH3FBACAAwBJRPCMQH3BgAAAA
x-accel-expires: @1730538454
x-77-age: 135194
x-cache-lb: HIT
last-modified: Sun, 07 Jan 2024 08:56:14 GMT
server: CDN77-Turbo
etag: W/"4a802e64d1198d71244a265cb01a44a2"
x-77-nzt-ray: 25b02131a86e7579f0799c65e7dd1f14
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: nIapegBPiZo4gZYHAd5bMcBRWhmwCZS6BEq2ST2ABMz8K2iEoOIXrw==

GET
H2 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame FE11 358 KB
47 KB 24ms
23ms Stylesheet
text/css 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:10:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 22:10:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FE11 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 342832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FE11 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 8597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 20:17:31 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/ Frame FE11 52 KB
16 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04aed0bda69e679679fa41a389a7d8246a11dadb49575e2bad4dab16a5e7d913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 18:03:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16374
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 18:03:08 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame FE11 322 KB
96 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 21:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 21:50:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/ Frame FE11 2 MB
770 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e002d44ed1e3a357eec6aca9e09ded15aeceffc4005dd71d62ec96466f266fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 21:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788260
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 21:48:04 GMT

POST
H2 200 hgtrqEuFaz Show response
api.userway.org/api/tunings/ 1 KB
2 KB 519ms
164ms XHR
application/json 2600:1f14:5db:eb00:2d80:95cc:4e53:ea1d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/hgtrqEuFaz
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-07-08-53-46/widget_app_base_1704617626703.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:2d80:95cc:4e53:ea1d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e6987cae636460b5400e66e860381672a80ab278729d99e0c81bc7974319a23c

Request headers

Referer: https://www.winonaorc.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
etag: W/"4b7-6vMps0W5k2zmxhYb18zxmUg0xa0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usrb7a6a9cacd8f41b
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 1207
x-service-version: uw-pr

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 155ms
48ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZ2TQ9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jan 2024 21:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3151
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 08 Jan 2024 23:48:17 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame FE11
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

58ms
57ms

XHR
application/json

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0

Protocol

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd118e167869240934027c65b1ca31eea78246f3b3d4344d0d600a370d54f720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 08 Jan 2024 22:40:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame FE11 29 B
495 B 161ms
51ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:36:11 GMT
x-content-type-options: nosniff
age: 277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Jan 2024 22:51:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 173ms
59ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 08 Jan 2024 22:40:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FE11 86 KB
40 KB 69ms
68ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc811e6947b672103bc30b36ae670bbd34aa4a11831ba807ab1e7e1146d16d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40778
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/ Frame FE11 116 KB
33 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee91fe3dc50971943ac1fe1ea33ee2add91999d00ff0e4dd7349a36a726f254e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 05:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33617
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 05:31:22 GMT

GET
H2 200 1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js Show response
www.google.com/js/th/ Frame FE11 50 KB
20 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19870
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 17:53:47 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/TNPEkIYFY_U/ Frame FE11 129 KB
130 KB 141ms
87ms Image
image/webp 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/TNPEkIYFY_U/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93633652b87f170184c0d4ae8e25db225eae325ced21858503c2cfa0f042dcd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
x-content-type-options: nosniff
server: sffe
etag: "1503424836"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132464
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Jan 2024 00:40:48 GMT

GET
DATA 200
OK truncated
/ Frame FE11 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZQ-QTSu-bQbpTELgjG8oym87OyMr2APw1HEDe6V=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame FE11 5 KB
5 KB 461ms
348ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZQ-QTSu-bQbpTELgjG8oym87OyMr2APw1HEDe6V=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cdda6aacdbbe69a1749c86a3c394e14bbce445b3b32c93a1ea651350d119a75a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
x-content-type-options: nosniff
server: fife
etag: "v479"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4725
x-xss-protection: 0
expires: Tue, 09 Jan 2024 22:40:48 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame FE11 4 KB
2 KB 112ms
57ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 22:40:48 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 30ms
30ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=706203049&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winonaorc.org%2F&ul=en-us&de=UTF-8&dt=Winona%20ORC%20-%20Disability%20Employment%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAAC~&jid=1768069538&gjid=178289666&cid=468616293.1704753649&tid=UA-6538757-1&_gid=1698329435.1704753649&_slc=1&gtm=45He4130n71TZ2TQ9&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1263665011

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e24267edfe7c57bf466f6dc325151b4e7d0cab24fdbdd30f5d2f88e72c4a6306

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winonaorc.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winonaorc.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 73ms
25ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6538757-1&cid=468616293.1704753649&jid=1768069538&gjid=178289666&_gid=1698329435.1704753649&_u=YGBAgAABAAAAAG~&z=467908848

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winonaorc.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 08 Jan 2024 22:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winonaorc.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
85 KB 69ms
69ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GHM9TXB8BR&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

001724ba25d778533967f2623bb1dc23fc63f0c0b9641a3cad5e5e171cd087ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86911
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 22:40:48 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame FE11 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?bXoNIw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame FE11 50 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 09 Jan 2024 15:09:12 GMT

GET
H2 200 Bloomerang-v2.js Show response
crm.bloomerang.co/Content/Scripts/Api/ 108 KB
18 KB 689ms
326ms Script
application/javascript 54.187.207.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=1702307772

Requested by

Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/bloomerang-public-cdn/winonaorc/.widget-js/3640320.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.187.207.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-207-172.us-west-2.compute.amazonaws.com

Software

Resource Hash

6593f5b4c04bc5cf9f7795f07d64932668e1266a22ff58cef7d33d9275d6407c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 04 Dec 2023 17:58:52 GMT
etag: "016408adb26da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/javascript
accept-ranges: bytes
content-length: 18331

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 57ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GHM9TXB8BR&gtm=45je4130v9135868585&_p=1704753648178&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=468616293.1704753649&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.winonaorc.org%2F&dt=Winona%20ORC%20-%20Disability%20Employment%20Services&sid=1704753648&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2917
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GHM9TXB8BR&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:40:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winonaorc.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 60ms
60ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 08 Jan 2024 22:40:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FE11 90 B
134 B 63ms
62ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3fa521a9dac336b8603508affaf90a203e3a0026a9e91ba3b39419447d5ef47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3

200

main.js Show response
www.winonaorc.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 7BA8
Redirect Chain

https://www.winonaorc.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.winonaorc.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

22ms
22ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winonaorc.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34de63c4a2a67e8c43716bf0c251f8804eda7a424e3a9d27137ecc7e353452ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbEh5ZMoMvB%2Fz9f7UauFhbKmhbUPhzFagafbGenzKwTV%2BZHnwL7B%2By236AlIZlxlNKNb0CLfr8qzjl4CX7BcLSwPGMymNkeOlInXXuNQP%2F3IHKYk0A4724jo45oQsRx45MYfp487MEmb4Ls3tQzNkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8427f1c21993b89d-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 08 Jan 2024 22:40:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gegs88H7uOsZDoThAU155SqAC0eDcsu2TZLzbkqnZwKNpUOS7z0VKW9JA4t2AJS3B76ZACE9o1Ljcwcbo5gwfzU91h%2FU9TWw47jwMokep0gCNAXPCcfirYMLa23CtSUhCkHTQIvbnCHMTSJzcW2qNA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8427f1c1b921b89d-AMS
alt-svc: h3=":443"; ma=86400

GET
H2

200

/
www.facebook.com/login/ Frame D37F
Redirect Chain

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbfd70bf2474%26doma...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

99ms
99ms

Document
text/html

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfbfd70bf2474%2526domain%253Dwww.winonaorc.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.winonaorc.org%25252Ff131f8a7a676e5c%2526relation%253Dparent.parent%26container_width%3D340%26height%3D330%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWinonaORC%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=57d76e1d0a2ae5bd4b7077e9bb73b895

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.winonaorc.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 08 Jan 2024 22:40:49 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: dDaXFUuPXQwlg0jn6vYI1SwnUZ28hqwK3ppZlW0B0ws8efTA6hxjUU62wqzAkwXFVp1Xe3E8Qq9jj35w4q2mgQ==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:40:49 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfbfd70bf2474%2526domain%253Dwww.winonaorc.org%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.winonaorc.org%25252Ff131f8a7a676e5c%2526relation%253Dparent.parent%26container_width%3D340%26height%3D330%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWinonaORC%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D500
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), keyboard-map=()
pragma: no-cache
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: IercjL7z6FNmxcyM+6KY+EIlgoiuh4H/H/TOWYlEom5984lv4RQ86qnWwQfuBREuY5BzOxEeICgcCQ83Gqo61w==
x-xss-protection: 0

GET
H3 200 DSC_1252.jpg
www.winonaorc.org/wp-content/uploads/ 252 KB
253 KB 622ms
621ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/DSC_1252.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8ee7dbfabdd7037528e5e89c19ce520bf806d0227689942492f5500c429de7b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Oct 2019 19:13:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5db73de8-3f0a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4NVJ4vsKz3B7hI8AlZIZnVZI1ijQtsuGGdThZ61Pohc1s5lp1js4tUYvvCJGPTLrKGVkH0KbFvEz03DoO2wLw5M1G8A%2BNc4INfHJr3%2BaMe3Mntc1NXkQi8P439NmMYY1KJkPifJsnNsIXXvB9223g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1c1d93fb89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 258214

GET
H3 200 Slide-4.jpg
www.winonaorc.org/wp-content/uploads/2019/06/ 104 KB
104 KB 689ms
689ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2019/06/Slide-4.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb7b8945d9647b7a73448d3eccfcbaf47e883249bab11cbaecea9696b0f6c5f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:40:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558aef-19ec2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6M0ql5UnYs5%2BYmyvX10NTPeoBvyKMlzuW5KGzo2CgF3Tln%2BBOHL83nonCmxUoChgV190W9pQzSzwrx94rPdWI1aySRb6543%2FTTqBjGOXhN9Vb%2BehsHvN49SpQzScIDSEb%2BWViVvU1bQ7J3MXRLbtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1c1d946b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 106178

GET
H3 200 DSC00751-2-1-scaled.jpg
www.winonaorc.org/wp-content/uploads/ 216 KB
216 KB 335ms
334ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/DSC00751-2-1-scaled.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2f42ae187669aa9dc1631514b92d6233f6dd0c30b52ac5e12147e17f2fb0c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Mar 2020 19:25:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e6bde24-35f23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWO%2F4qheka%2Bo2C9w5t9LJPBXjUhb1H7mBz2yXWs9zKd0uPTw%2FrggKWfi9%2BNg6Tm%2FQ7ARhdS0%2B4ZLx3VN3WNAbGtL129pO3Geckav8BLg41lIujyvUkXXUXM0nsOkvXBpl0tvinPsb1rc6f002eWM6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1c1d947b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 220963

GET
H3 200 Slide-6.jpg
www.winonaorc.org/wp-content/uploads/2019/06/ 90 KB
91 KB 582ms
582ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2019/06/Slide-6.jpg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca2df4ac5e81c8c5d31fc5631b5b94c689c1ccb2ea3ebb918e557f979e78e8fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 16:40:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d558af0-16913"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxR8z%2BXSzqNLsqug9eAUhjI60YYbm2dz2gQJ2TtKatSfUY%2FRFka1C2KvSRO0S4Hob3fP8mfI%2BQ4CxcpY%2Bxw5mo29L7cYCXAC0gs8Oq9bx%2Bd3nocBC6o7HjN0SszZeO5F9YvsANcQhoL0Q8%2F8l9tEvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8427f1c1d948b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 92435

GET
H3 200 custom-sep-bottom.png
www.winonaorc.org/wp-content/uploads/ 17 KB
18 KB 473ms
473ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/custom-sep-bottom.png
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52e707d56968e0e1e4d6ec3c803fb7bd55e66a5db344bbaa8648b8570a8db375

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2019 17:10:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d55920e-459d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO6wzYWzroeqk2bC7dLv39SDBLiJwmU1CKOxDsyoDj0YnLPjmq%2FAbarGKj%2B54xzqo5hZveNwloDOSyTowYKTuMMvne%2FNE7b%2BEYNP%2FfVmxfofe8mmzu6QMTBOVTgm9fMZedRojpJZob%2Bs5978F9waDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1c1e94eb89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17821

GET
H3 200 TNPEkIYFY_U Show response
www.youtube.com/embed/ Frame FE11 92 KB
39 KB 85ms
85ms Document
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50174df8e6ccc1b14a3492a63698056e19c902ee399fb0ef7c9ad5a774a8f7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winonaorc.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:40:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame FE11 28 B
54 B 38ms
37ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704753648938
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?wmode=transparent&autoplay=0&rel=0
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Amsterdam
X-Goog-Visitor-Id: Cgt1dUtPbXJlZTAtTSjw8_GsBjIKCgJOTBIEEgAgDw%3D%3D
X-YouTube-Ad-Signals: dt=1704753648434&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C576%2C324&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Mon, 08 Jan 2024 22:40:48 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ 993 B
519 B 53ms
53ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/wp-content/uploads/fusion-scripts/c5b80c8e7b9046eab56f65f070acd364.min.js?ver=3.11.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 08 Jan 2024 22:40:48 GMT

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-01-07-08-53-46/locales/ 501 B
962 B 25ms
25ms XHR
application/json 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-01-07-08-53-46/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-07-08-53-46/widget_app_base_1704617626703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b87d34c5425a5b6bc0d37a08c2cd36cf21c2dac2645262a375f7460829859138

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 08 Jan 2024 22:40:48 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 135181
x-amz-cf-pop: FRA60-P3
age: 596
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704618467
x-77-nzt: EgwBw7WvJwH3DRACAAwB1GY4CQH3CQAAAA
x-accel-expires: @1730538458
x-77-age: 135190
x-cache-lb: HIT
last-modified: Sun, 07 Jan 2024 08:56:14 GMT
server: CDN77-Turbo
etag: W/"27831556b168f3c27f0819652aac1fb5"
x-77-nzt-ray: 25b02131a86e7579f0799c656f8ee639
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: pAJW47tNkAsEx1K9FYQiVPSLfU2NMKadnfgtHVP_Jyb-Ea0q3Z0Vlg==

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/TNPEkIYFY_U/ Frame FE11 55 KB
55 KB 43ms
43ms Image
image/webp 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/TNPEkIYFY_U/sddefault.webp

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9613bc904da8e9cfd21e2bd24868f20311f66373fdda8cfde1876e07f59b7188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
x-content-type-options: nosniff
server: sffe
etag: "1503424836"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56010
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Jan 2024 00:40:49 GMT

POST
H3 200 8427f1b5efec6699 Show response
www.winonaorc.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7BA8 0
561 B 36ms
36ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winonaorc.org/cdn-cgi/challenge-platform/h/b/jsd/r/8427f1b5efec6699
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnXcZzVqMCc4hRFSxXiJD9tb6UtQPwJjbRL28PgCzSh8Gz%2FRWcg4Xb10qTk9cpMlKzn0xp3GWycdDlqmiDdR6G22jfPROf7QLasK3PQBtXI1LDl1Qb%2FR8DotjMuwoDRIcZeoMjzFdjJ8Phx3%2BC8itA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8427f1c29a5cb89d-AMS
alt-svc: h3=":443"; ma=86400

OPTIONS log
play.google.com/ Frame 0
0

POST atr
www.youtube.com/api/stats/ Frame FE11 0
0

POST log
play.google.com/ Frame FE11 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame FE11 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame FE11 358 KB
46 KB 24ms
24ms Stylesheet
text/css 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:10:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 22:10:23 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/ Frame FE11 52 KB
16 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04aed0bda69e679679fa41a389a7d8246a11dadb49575e2bad4dab16a5e7d913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 18:03:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16374
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 18:03:08 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame FE11 322 KB
96 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 21:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 21:50:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/ Frame FE11 2 MB
770 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e002d44ed1e3a357eec6aca9e09ded15aeceffc4005dd71d62ec96466f266fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 21:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788260
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 21:48:04 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FE11 15 KB
15 KB 53ms
52ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 342833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FE11 15 KB
15 KB 55ms
54ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 8598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 20:17:31 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/ 216 KB
67 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 21:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68492
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 21:50:25 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame FE11
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

57ms
57ms

XHR
application/json

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque

Protocol

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

872d4cd9dd7d0e33b2d9ab96d87c8c57bd4a65daa776a0ed893dc9ce4bff9e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 08 Jan 2024 22:40:49 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame FE11 29 B
93 B 51ms
51ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:36:11 GMT
x-content-type-options: nosniff
age: 278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Jan 2024 22:51:11 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 59ms
59ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 08 Jan 2024 22:40:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FE11 87 KB
40 KB 69ms
69ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f733fc357b099eb753e8671fad63950edf1f488adc0372ef63d66c47a188d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41024
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/ Frame FE11 116 KB
33 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee91fe3dc50971943ac1fe1ea33ee2add91999d00ff0e4dd7349a36a726f254e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 05:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33617
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jan 2025 05:31:22 GMT

GET
H2 200 1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js Show response
www.google.com/js/th/ Frame FE11 50 KB
19 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19870
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 17:53:47 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/TNPEkIYFY_U/ Frame FE11 55 KB
55 KB 50ms
50ms Image
image/webp 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/TNPEkIYFY_U/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9613bc904da8e9cfd21e2bd24868f20311f66373fdda8cfde1876e07f59b7188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56010
x-xss-protection: 0
server: sffe
etag: "1503424836"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Jan 2024 00:40:49 GMT

GET
DATA 200
OK truncated
/ Frame FE11 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZQ-QTSu-bQbpTELgjG8oym87OyMr2APw1HEDe6V=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame FE11 5 KB
5 KB 52ms
52ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZQ-QTSu-bQbpTELgjG8oym87OyMr2APw1HEDe6V=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cdda6aacdbbe69a1749c86a3c394e14bbce445b3b32c93a1ea651350d119a75a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:48 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4725
x-xss-protection: 0
server: fife
etag: "v479"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 09 Jan 2024 22:40:48 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame FE11 4 KB
2 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 22:40:49 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame FE11 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?x5NoDQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame FE11 50 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 09 Jan 2024 15:09:12 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 60ms
59ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 08 Jan 2024 22:40:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FE11 90 B
134 B 63ms
63ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2672c67b65dc6a09d1678b24b1c6049369045e60054a9eb3fa8555f46acc8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/free/ 27 KB
11 KB 32ms
32ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1704617626703
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-07-08-53-46/widget_app_base_1704617626703.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 183cc45dba738c437188902f73b52d1da7f33ebeef5d96d786c601901d6d7d9e

Request headers

Referer: https://www.winonaorc.org/
Origin: https://www.winonaorc.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 08 Jan 2024 22:40:49 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 135187
x-amz-cf-pop: FRA60-P3
age: 592
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704618462
x-77-nzt: EgwBw7WvJwH3ExACAAwBJRPCNAH3CgAAAA
x-accel-expires: @1730538452
x-77-age: 135197
x-cache-lb: HIT
last-modified: Sun, 07 Jan 2024 08:56:19 GMT
server: CDN77-Turbo
etag: W/"35bb37fed26c368b55578369432199af"
x-77-nzt-ray: 25b02131a86e7579f1799c65dcb99c1d
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: 6wOPAkevvWHJy-CeLOKD_o9qcYVPO3h-i2pRVJ56pgYkC0hN8gwlvg==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 26ms
26ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 08 Jan 2024 22:40:49 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 135187
x-amz-cf-pop: FRA60-P3
age: 5
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704618462
x-77-nzt: EgwBw7WvJwH3ExACAAwB1GY4EQH3CAAAAA
x-accel-expires: @1730538454
x-77-age: 135195
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:34 GMT
server: CDN77-Turbo
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray: 25b02131e0733b78f1799c65fa57371e
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: eDJgr1OhcpKM90aHcgg29tLh5HPYkEDvCy-VuxzdXBZLcK-kvRbSFA==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 27ms
27ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: www.winonaorc.org
URL: https://www.winonaorc.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 08 Jan 2024 22:40:49 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 135188
x-amz-cf-pop: FRA60-P3
age: 1
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704618461
x-77-nzt: EgwBw7WvJwH3FBACAAwBJRPCNAH3CwAAAA
x-accel-expires: @1730538450
x-77-age: 135199
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 25b02131e0733b78f1799c65b63d3d1e
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: p_WM6HLo4Ha4YbaDnzDvlFi_cbfsOVbQYI_nWm-jaFm6CSDPO4bjAg==

GET
H2 200 accounting.min.js Show response
crm.bloomerang.co/Content/Scripts/Lib/ 4 KB
2 KB 166ms
166ms Script
application/javascript 54.187.207.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://crm.bloomerang.co/Content/Scripts/Lib/accounting.min.js

Requested by

Host: crm.bloomerang.co
URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=1702307772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.187.207.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-207-172.us-west-2.compute.amazonaws.com

Software

Resource Hash

ec8e2929277658d918b53d1d03853d33efa78dbd89f3e4f2e08d7dfe0d330555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 27 Apr 2023 18:09:24 GMT
etag: "0e2a8653379d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/javascript
accept-ranges: bytes
content-length: 1625

GET
H3 200 carf-logo.png
www.winonaorc.org/wp-content/uploads/2019/06/ 107 KB
107 KB 28ms
28ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winonaorc.org/wp-content/uploads/2019/06/carf-logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 580faa05f77e8a818dc7da9fb684419cff023e0090a7d101d0b8da108b239257

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2019 16:40:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: "5d558af0-1aaec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYTjvIazYyiuO7aUUjyKXCgTuLMB%2BvvzC41LVrduCLMqar4p0U9j8gNAJmZS1EZplGkbFLDgz8BpX%2FARjP7rQysZbYfA1OxFG9ZBft2CgFhXi7DR0OpVeXG74hjyjjmVAjgXN%2Fi9%2F0h3nFnZCRKeWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8427f1c6af72b89d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 109292

GET
H2 200 jquery.validate.min.js Show response
ajax.aspnetcdn.com/ajax/jquery.validate/1.9/ 21 KB
8 KB 77ms
17ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js

Requested by

Host: crm.bloomerang.co
URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=1702307772

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4883) /

Resource Hash

a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2668759
x-cache: HIT
content-length: 8117
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:42:34 GMT
server: ECAcc (ama/4883)
etag: "e2805e74d033d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 additional-methods.min.js Show response
ajax.aspnetcdn.com/ajax/jquery.validate/1.9/ 8 KB
3 KB 18ms
17ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/additional-methods.min.js

Requested by

Host: crm.bloomerang.co
URL: https://crm.bloomerang.co/Content/Scripts/Api/Bloomerang-v2.js?nocache=1702307772

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48C9) /

Resource Hash

5dc21db9060b38405f2f273d05a0c2041b1ac23e7abcf171a36e0038f49f2f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.winonaorc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2668366
x-cache: HIT
content-length: 2982
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:42:34 GMT
server: ECAcc (ama/48C9)
etag: "9ae64874d033d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 3640320 Show response
api.bloomerang.co/v1/Widget/ 465 B
737 B 766ms
765ms XHR
application/json 35.167.14.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bloomerang.co/v1/Widget/3640320?ApiKey=pub_dd97b512-0459-11e9-9f3d-0aa640fb8062

Requested by

Host: www.winonaorc.org
URL: https://www.winonaorc.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.167.14.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-167-14-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

93edc4a91de6d71b407bc7e2265adc34fa780f2e3f27f3e9f4b0c1a52d64886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Referer: https://www.winonaorc.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 22:40:51 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: POST,GET,PUT,DELETE,HEAD,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Content-Type,Authorization
content-length: 465
expires: -1

OPTIONS
H2 200 3640320
api.bloomerang.co/v1/Widget/ Frame 0
0 537ms
167ms Preflight 35.167.14.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bloomerang.co/v1/Widget/3640320?ApiKey=pub_dd97b512-0459-11e9-9f3d-0aa640fb8062

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.167.14.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-167-14-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.winonaorc.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization
access-control-allow-methods: POST,GET,PUT,DELETE,HEAD,OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Mon, 08 Jan 2024 22:40:50 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/hgtrqEuFaz/167814/mdYfsJk4z6LInTvz/ 3 KB
1 KB 223ms
223ms Fetch
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/hgtrqEuFaz/167814/mdYfsJk4z6LInTvz/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Ficon-communty-services.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Ficon-laundry.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Ficon-shredding.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Fpartner-carf-international.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Fpartner-good-search.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Fpartner-home-and-community-options.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Fpartner-leave-a-legacy.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Fpartner-winona-community-foundation.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F06%2Fcarf-logo.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2020_45Year_MiltonT-1-200x200.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2FCD0C7582-B4F9-4878-91A9-27B096A44BF8.png%22%2C%22alt%22%3A%22Winona%20ORC%20Industries%20INC%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2Fcropped-CD0C7582-B4F9-4878-91A9-27B096A44BF8-1-400x264.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2FDSC_0260-400x265.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2FDSC00945-400x300.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2FPicture3-1-200x198.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2FPicture4-1-200x202.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2FSupport-us-1-200x87.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22FREE_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1704617626703
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9bc8cb18168765b79dd7f43545613e2b2f36d7ac2d86c9b8fb6c17c59b1b02c0

Request headers

Referer: https://www.winonaorc.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Mon, 08 Jan 2024 22:40:50 GMT
content-encoding: gzip
x-77-cache: MISS
x-service-version: img-dscr-srv-bad7d880
x-77-nzt: EggBw7WvDgFBCAHUZjgJAUE
x-cache-lb: MISS
server: CDN77-Turbo
etag: W/"d85-dQhrFB5AOaMYvIVDHCMPryT6/Sk"
x-77-nzt-ray: 9083393048b6f5a2f2799c657fc01f27
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/hgtrqEuFaz/167814/mdYfsJk4z6LInTvz/ Frame 0
0 616ms
534ms Preflight 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/hgtrqEuFaz/167814/mdYfsJk4z6LInTvz/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Ficon-communty-services.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Ficon-laundry.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Ficon-shredding.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Fpartner-carf-international.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Fpartner-good-search.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Fpartner-home-and-community-options.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Fpartner-leave-a-legacy.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F04%2Fpartner-winona-community-foundation.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2019%2F06%2Fcarf-logo.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2F2020_45Year_MiltonT-1-200x200.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2FCD0C7582-B4F9-4878-91A9-27B096A44BF8.png%22%2C%22alt%22%3A%22Winona%20ORC%20Industries%20INC%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2Fcropped-CD0C7582-B4F9-4878-91A9-27B096A44BF8-1-400x264.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2FDSC_0260-400x265.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2FDSC00945-400x300.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2FPicture3-1-200x198.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2FPicture4-1-200x202.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.winonaorc.org%2Fwp-content%2Fuploads%2FSupport-us-1-200x87.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22FREE_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.winonaorc.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Mon, 08 Jan 2024 22:40:50 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBw7WvDgAACAHUZjgJAAA
x-77-nzt-ray: 9083393048b6f5a2f2799c65e9e32a07
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-bad7d880

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame FE11 28 B
54 B 37ms
37ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704753651318
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/TNPEkIYFY_U?autoplay=0&rel=0&enablejsapi=1&wmode=opaque
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Amsterdam
X-Goog-Visitor-Id: Cgt1dUtPbXJlZTAtTSjw8_GsBjIKCgJOTBIEEgAgDw%3D%3D
X-YouTube-Ad-Signals: dt=1704753649175&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C576%2C324&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 08 Jan 2024 22:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Mon, 08 Jan 2024 22:40:51 GMT

GET status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.winonaorc.org%2F/DESKTOP/WIDGET_OFF/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=aNpFnaeYgvkYPYsl&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fwww.winonaorc.org%2F&lact=531&cl=595207588&mos=0&volume=100&cbr=Chrome&cbrver=120.0.6099.129&c=WEB_EMBEDDED_PLAYER&cver=1.20240102.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=nl_NL&cr=NL&len=522&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C84737%2C25688%2C9541%2C1089%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C9513%2C125%2C4558%2C1360%2C8594%2C2008%2C4552%2C2885%2C974%2C3088%2C2800%2C232%2C5801%2C874%2C4473&muted=0&docid=TNPEkIYFY_U

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: api.userway.org
URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.winonaorc.org%2F/DESKTOP/WIDGET_OFF/status

Verdicts & Comments Add Verdict or Comment

347 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
winonaorc.org/	1969-12-31 23:59:59	Name: apbct_timestamp Value: 1704753646
winonaorc.org/	1969-12-31 23:59:59	Name: apbct_site_landing_ts Value: 1704753646
winonaorc.org/	1969-12-31 23:59:59	Name: apbct_page_hits Value: 1
winonaorc.org/	1969-12-31 23:59:59	Name: apbct_cookies_test Value: %257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522adcc125dfa09d9674146ea0cddc7aa59%2522%257D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: rldAp_9MYsc
.youtube.com/	1970-01-20 21:51:45	Name: VISITOR_INFO1_LIVE Value: uuKOmree0-M
.winonaorc.org/	1970-01-21 03:08:33	Name: _ga Value: GA1.2.468616293.1704753649
.winonaorc.org/	1970-01-20 17:34:00	Name: _gid Value: GA1.2.1698329435.1704753649
.winonaorc.org/	1970-01-20 17:32:33	Name: _dc_gtm_UA-6538757-1 Value: 1
www.winonaorc.org/	1969-12-31 23:59:59	Name: ct_ps_timestamp Value: 1704753648
www.winonaorc.org/	1969-12-31 23:59:59	Name: ct_fkp_timestamp Value: 0
www.winonaorc.org/	1969-12-31 23:59:59	Name: ct_timezone Value: 1
www.winonaorc.org/	1969-12-31 23:59:59	Name: ct_screen_info Value: %7B%22fullWidth%22%3A1600%2C%22fullHeight%22%3A4767%2C%22visibleWidth%22%3A1600%2C%22visibleHeight%22%3A1200%7D
www.winonaorc.org/	1969-12-31 23:59:59	Name: apbct_headless Value: false
www.winonaorc.org/	1969-12-31 23:59:59	Name: ct_checked_emails Value: 0
www.winonaorc.org/	1969-12-31 23:59:59	Name: ct_checkjs Value: 0
.winonaorc.org/	1970-01-21 03:08:33	Name: _ga_GHM9TXB8BR Value: GS1.2.1704753648.1.0.1704753648.0.0.0
.winonaorc.org/	1970-01-21 02:18:09	Name: cf_clearance Value: fcO3nZpLNlWjfPao.SUnTy_v1lWEfxxArmFa7agfzNM-1704753649-0-2-8da542d6.74331da8.ebe70e91-0.2.1704753649
www.winonaorc.org/	1969-12-31 23:59:59	Name: ct_pointer_data Value: %5B%5D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.winonaorc.org/(Line 1266) Message: Allow attribute will take precedence over 'allowfullscreen'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
api.bloomerang.co
api.userway.org
cdn.userway.org
cdn77.api.userway.org
connect.facebook.net
crm.bloomerang.co
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
play.google.com
region1.google-analytics.com
s3-us-west-2.amazonaws.com
static.doubleclick.net
stats.g.doubleclick.net
winonaorc.org
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.winonaorc.org
www.youtube.com
yt3.ggpht.com
api.userway.org
play.google.com
www.youtube.com
152.199.19.160
2001:4860:4802:34::36
2600:1f14:5db:eb00:2d80:95cc:4e53:ea1d
2a00:1450:4001:801::2002
2a00:1450:4001:803::2006
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:812::2016
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a02:6ea0:c700::10
2a02:6ea0:c700::11
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
35.167.14.230
52.92.193.128
54.187.207.172
001724ba25d778533967f2623bb1dc23fc63f0c0b9641a3cad5e5e171cd087ca
00650b5549227f117e06861ccb970252994b45ca48b71987b176946b9ce7ebe4
0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7
04aed0bda69e679679fa41a389a7d8246a11dadb49575e2bad4dab16a5e7d913
10c9bdea24629394a62eea7cbb27da2766628a9e4868987a958aa63478eeeab7
124ebc0687d2155d3aa486470f532b54c50cab12f635be1a5fae55035d3c1087
1652a9cab00daa02a1d90f51b1585d124131374755974527680fc5dfc29196ee
1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e
183cc45dba738c437188902f73b52d1da7f33ebeef5d96d786c601901d6d7d9e
1baf5184d6ebd0bb5b17f643b689282311a4268956591a2181073de1410e66f1
1f4ad22c0555a3cdace905f9db3c19684531234f535d8c68f47de0559aee8153
1f733fc357b099eb753e8671fad63950edf1f488adc0372ef63d66c47a188d39
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
245908466e825afeb2ec2c333a4c68d48bf2296bb582baf2bfd199f6fcc645f4
297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf
2c0dd7282a7fec0217e9fa29ff98f2d94079904572a19083ad27f89ec75f8b91
2d1e8ba43288eb8319b19f3dc2f0b6574c9ca75bd86446ea3e03d33c8e11d97e
2dc50d424a96415697f26f2c39b67c70b10e8a95fd108b4d981aafe222392cf2
2f9893a01b354baf9e0f72815180c6b5cd979567078c4ebe7f4e8720f56c62ad
34de63c4a2a67e8c43716bf0c251f8804eda7a424e3a9d27137ecc7e353452ab
384deb95ef696c4cfe15e0c486ba1f74ff5c78b4f828f19d7c76b7826e6102ec
384fa64d32900e7432daca62423b70db95397356960e534150de25374e792236
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fc83f02f14dc0479b76ed87f194714589b19f0caec1c584e8b62dc2788d162e
43e39ac0d3f2fbc8369750381952b19e7024cdc19b9fd87b3af6383561133949
46a29b205164f04c29d536567c7fee7d6669c6a211ab3da724bdc64a87fe4f5d
4ff84c5fa38aac57cf155116315b572cffaf2fd82ca2cfe5277648de2a808020
50174df8e6ccc1b14a3492a63698056e19c902ee399fb0ef7c9ad5a774a8f7b7
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52e707d56968e0e1e4d6ec3c803fb7bd55e66a5db344bbaa8648b8570a8db375
580faa05f77e8a818dc7da9fb684419cff023e0090a7d101d0b8da108b239257
5a57817fa0fb9250c04898b68e4fcce6d5040be3742c40280a7ab22df9a8a591
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dc21db9060b38405f2f273d05a0c2041b1ac23e7abcf171a36e0038f49f2f5a
6422e4e63bb63a863317d5f0149c5d7bcf3f386bb1aa538c67a65add726dddfe
64928c9160e3e4303fd9f1181ebead34b9070e21c7370d4704a15758b837bccb
6593f5b4c04bc5cf9f7795f07d64932668e1266a22ff58cef7d33d9275d6407c
65ac8a94ea1135a6a727126ac61d558c2288acbcc4b30b5a3043c2a3967e9507
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6b3c0f90bbc7aa144d83e4ed8025f79044dd57adf9a0bbc071bc6f2be5a03a02
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76a398d5161af915d8d99b6f283d02ce65819e9b46faf78262ceb70d8df444f1
76dc7837c8ab5206c96741447dd101a493c0a019f05d9c1f4e3b4e6c7faf7153
843232c6c8d98c7034683609b8aad1a1288b24c796055c3973d37b7be5959f36
849757b6550f447823bd32cfb13e056339f321012b0db6b63b2d0f8a98899d6f
872d4cd9dd7d0e33b2d9ab96d87c8c57bd4a65daa776a0ed893dc9ce4bff9e21
8b53df7f50858f5ac5978f624e27c136ae0dfdc5ebd9288ad7af7e9d2a2d88d8
8cc250776990501d210a3923741bc1911d46ad20febf501962b8d29fc36363de
8e729115d654f718132288135bdea639fb78c729d6ad0f9e498a3e6f5e23db1f
90c1ed86aab1da578f179753cb573ab4ae70d31208b35d917e232f99493f7e5a
93633652b87f170184c0d4ae8e25db225eae325ced21858503c2cfa0f042dcd3
93edc4a91de6d71b407bc7e2265adc34fa780f2e3f27f3e9f4b0c1a52d64886e
9613bc904da8e9cfd21e2bd24868f20311f66373fdda8cfde1876e07f59b7188
9bc8cb18168765b79dd7f43545613e2b2f36d7ac2d86c9b8fb6c17c59b1b02c0
9e03e07d3a58bf6e815b58ad87cb6c69b9a958e743f55d37d02f900051a24518
a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b
ace4890e3be1dfa552f2137045e75834c335c5111845063eec2e5b45d421a264
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b87d34c5425a5b6bc0d37a08c2cd36cf21c2dac2645262a375f7460829859138
b8f6c03b17cdec0403cdebb72508e91e9e4be0d5f563c8a889a66ea8f80ea288
b99115a5a835174818d047a59f5a3faf7f8288cf7da97ac3f613d1803e648cfb
bc811e6947b672103bc30b36ae670bbd34aa4a11831ba807ab1e7e1146d16d29
c16f1dd35ecb4ed981b2b5b6cd9daf8d43175c971b4896da626dcfdc344fe412
c297350062a04c410eac01ca398277a1d8106bc548d5e164d1b05b2d9028f162
c3fa521a9dac336b8603508affaf90a203e3a0026a9e91ba3b39419447d5ef47
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c59d42902c43d39dacfef123ff907288061d67aae7e4e333f7e01f253bdb8708
c90208987aabd1d4e7f8477834c552b8ffb61f0d00723180b5a15f58582e18c8
ca2df4ac5e81c8c5d31fc5631b5b94c689c1ccb2ea3ebb918e557f979e78e8fb
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb7b8945d9647b7a73448d3eccfcbaf47e883249bab11cbaecea9696b0f6c5f3
cdda6aacdbbe69a1749c86a3c394e14bbce445b3b32c93a1ea651350d119a75a
d12eefc8413913945259c16d5999947454bbfaa75d63daf202fe74f3edc7caa7
d2672c67b65dc6a09d1678b24b1c6049369045e60054a9eb3fa8555f46acc8e3
d2d01a28284207ea1bc9976244daa182379ac4c1cc50c22e0d3302bbf9b922f8
d6bc4ba9d89bb5c97949f3559aa4f612bb2f7af9fbe4df6e4551d3d0e0f7393d
d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4
d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
decddadd9d299db1b6532cc40a6962ab172b7828744e195ff17022ea2dddd014
df1effd60a530a600aa7f9c5929d7ead47d22d8f8f83ef9c862c754a073febd4
e002d44ed1e3a357eec6aca9e09ded15aeceffc4005dd71d62ec96466f266fee
e24267edfe7c57bf466f6dc325151b4e7d0cab24fdbdd30f5d2f88e72c4a6306
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6987cae636460b5400e66e860381672a80ab278729d99e0c81bc7974319a23c
e97233bb31f796ca019f3dcf244411ca2c3f72aecdd2b56abf6f1a5bf57a403d
ea51716bfe8c6b4e39afb3c220d20fae9fef606b567c6db5d4a0261db29e5285
eb2f42ae187669aa9dc1631514b92d6233f6dd0c30b52ac5e12147e17f2fb0c3
ec8e2929277658d918b53d1d03853d33efa78dbd89f3e4f2e08d7dfe0d330555
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee91fe3dc50971943ac1fe1ea33ee2add91999d00ff0e4dd7349a36a726f254e
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8ee7dbfabdd7037528e5e89c19ce520bf806d0227689942492f5500c429de7b
fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6
fbbab26ec105a65a124aac0809b45dc1160233ccb2da08063c03ed24e6401a59
fbfe6a3f843b860791246f5fecc87feeeed4dd67c22e4da268d1f15a19c3f9ae
fd118e167869240934027c65b1ca31eea78246f3b3d4344d0d600a370d54f720

www.winonaorc.org Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

94 %HTTPS

83 %IPv6

16 Domains

25 Subdomains

25 IPs

3 Countries

5659 kBTransfer

13442 kBSize

19 Cookies

9 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.winonaorc.org Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

94 %
HTTPS

83 %
IPv6

16
Domains

25
Subdomains

25
IPs

3
Countries

5659 kB
Transfer

13442 kB
Size

19
Cookies

134 HTTP transactions
2 data transactions