citizens.fatguymedia.com Open in urlscan Pro
35.231.13.148 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://citizens.fatguymedia.com/
Submission: On May 13 via api (May 13th 2023, 5:32:08 pm UTC) from US — Scanned from DE

Summary HTTP 77 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 77 HTTP transactions. The main IP is 35.231.13.148, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is citizens.fatguymedia.com.
TLS certificate: Issued by R3 on May 10th 2023. Valid for: 3 months.

This is the only time citizens.fatguymedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	35.231.13.148 35.231.13.148	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	40.79.69.53 40.79.69.53	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:244... 2600:9000:2440:800:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1 3	104.211.26.212 104.211.26.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
20	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	52.28.99.188 52.28.99.188	16509 (AMAZON-02) (AMAZON-02)
77	17

27 35.231.13.148 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 148.13.231.35.bc.googleusercontent.com

citizens.fatguymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.79.69.53 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.citizens-inc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2440:800:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.211.26.212 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.blackbaud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.99.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-99-188.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	fatguymedia.com citizens.fatguymedia.com	268 KB
18	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 744 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 371	264 KB
8	sharethis.com ws.sharethis.com — Cisco Umbrella Rank: 10604 l.sharethis.com — Cisco Umbrella Rank: 4920	113 KB
4	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 39 ssl.google-analytics.com — Cisco Umbrella Rank: 439	38 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	17 KB
3	blackbaud.com 1 redirects api.blackbaud.com — Cisco Umbrella Rank: 275777	13 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	35 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 91	465 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	89 KB
2	gstatic.com fonts.gstatic.com	78 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 960	62 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 385 fonts.googleapis.com — Cisco Umbrella Rank: 50	35 KB
1	citizens-inc.org www.citizens-inc.org	72 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	46 KB
77	14

	Domain	Requested by
27	citizens.fatguymedia.com	citizens.fatguymedia.com api.blackbaud.com
16	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
6	ws.sharethis.com	citizens.fatguymedia.com ws.sharethis.com
3	www.facebook.com	citizens.fatguymedia.com static.xx.fbcdn.net
3	api.blackbaud.com	1 redirects citizens.fatguymedia.com ajax.googleapis.com
3	cdn.jsdelivr.net	citizens.fatguymedia.com
2	scontent.xx.fbcdn.net	www.facebook.com
2	l.sharethis.com	ws.sharethis.com citizens.fatguymedia.com
2	stats.g.doubleclick.net	citizens.fatguymedia.com www.google-analytics.com
2	connect.facebook.net	citizens.fatguymedia.com connect.facebook.net
2	ssl.google-analytics.com	1 redirects citizens.fatguymedia.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	maxcdn.bootstrapcdn.com	citizens.fatguymedia.com maxcdn.bootstrapcdn.com
1	fonts.googleapis.com	citizens.fatguymedia.com
1	ajax.googleapis.com	citizens.fatguymedia.com
1	www.citizens-inc.org	citizens.fatguymedia.com
1	www.googletagmanager.com	citizens.fatguymedia.com
77	18

This site contains links to these domains. Also see Links.

Domain
www.citizens-inc.org
www.facebook.com
twitter.com
www.youtube.com
www.advantagecaredtc.org
www.ahrc.org
www.ahrcfoundation.org
www.brookvillecenter.org
www.camployaltown.org
www.fayjlindnercenter.org

Subject Issuer	Validity	Valid
citizens.fatguymedia.com R3	`2023-05-10` - `2023-08-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
citizens-inc.org GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
sharethis.com Amazon RSA 2048 M01	`2023-02-28` - `2023-07-18`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-20` - `2023-05-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
api.blackbaud.com Go Daddy Secure Certificate Authority - G2	`2023-03-26` - `2024-04-26`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://citizens.fatguymedia.com/
Frame ID: A40B36091A90CD2AD79C0E7ADD8AF372
Requests: 52 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcitizensoptionsunlimited%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId%3D2425603877698506
Frame ID: 58F64985FC81DDD7879F29F31C7E1384
Requests: 22 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 7AF6ED83AD6A5D5872C69725034F60E5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A life without limits

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

77
Requests

96 %
HTTPS

75 %
IPv6

14
Domains

18
Subdomains

17
IPs

3
Countries

1130 kB
Transfer

3569 kB
Size

8
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citizens-inc.org/advocate/
Title: Get Involved

Search URL Search Domain Scan URL

URL: https://www.citizens-inc.org/welcome-to-our-site/latestnews/
Title: Recent News

Search URL Search Domain Scan URL

URL: https://www.citizens-inc.org/volunteer/
Title: Get Involved

Search URL Search Domain Scan URL

URL: https://www.citizens-inc.org/about-us/share-your-story/
Title: Tell Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/citizensoptionsunlimited/

Search URL Search Domain Scan URL

URL: https://twitter.com/Citizens_Inc

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AHRCNassau

Search URL Search Domain Scan URL

URL: http://www.advantagecaredtc.org/

Search URL Search Domain Scan URL

URL: http://www.ahrc.org/

Search URL Search Domain Scan URL

URL: http://www.ahrcfoundation.org/

Search URL Search Domain Scan URL

URL: http://www.brookvillecenter.org/

Search URL Search Domain Scan URL

URL: http://www.camployaltown.org/

Search URL Search Domain Scan URL

URL: http://www.citizens-inc.org/

Search URL Search Domain Scan URL

URL: http://www.fayjlindnercenter.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://api.blackbaud.com/bbi HTTP 301
https://api.blackbaud.com/bbi/

Request Chain 42

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2021461668&utmhn=citizens.fatguymedia.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=A%20life%20without%20limits&utmhid=474221566&utmr=-&utmp=%2F&utmht=1683999123733&utmac=UA-58303306-1&utmcc=__utma%3D176321079.1214534747.1683999124.1683999124.1683999124.1%3B%2B__utmz%3D176321079.1683999124.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=914898368&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58303306-1&cid=1214534747.1683999124&jid=914898368&_v=5.7.2&z=2021461668

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
citizens.fatguymedia.com/ 58 KB
14 KB 696ms
274ms Document
text/html 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 26712da1f56b8cdd32a5d0c2bd8fd35a71451d41ec3c4984ff157b8f669c8f8e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 13 May 2023 17:32:01 GMT
link: <https://citizens.fatguymedia.com/wp-json/>; rel="https://api.w.org/" <https://citizens.fatguymedia.com/wp-json/wp/v2/pages/293>; rel="alternate"; type="application/json" <https://citizens.fatguymedia.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-pingback: /xmlrpc.php
x-powered-by: WP Engine

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 411ms
53ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-58303306-1

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55e4415c728f0d397ff3e35e6e7b7b0521a12efec1c12930d7f74f98f3b143e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46272
x-xss-protection: 0
last-modified: Sat, 13 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 May 2023 17:32:02 GMT

GET
H2 200 ai1ec_parsed_css.css
www.citizens-inc.org/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ 261 KB
72 KB 1149ms
124ms Stylesheet
text/css 40.79.69.53
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.citizens-inc.org/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ai1ec_parsed_css.css?ver=3.0.0

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.79.69.53 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

1f8e22239135a453a36a74b154a42d357ba2bca8f77c0ae80f94998e6fca800d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: public
date: Sat, 13 May 2023 17:31:41 GMT
strict-transport-security: max-age=31536000;preload
x-content-type-options: nosniff
last-modified: Fri, 09 Jul 2021 13:50:22 GMT
server: nginx
content-encoding: br
etag: W/"60e8541e-413b6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
x-xss-protection: 1; mode=block

GET
H2 200 admin-ajax.php
citizens.fatguymedia.com/wp-admin/ 118 KB
21 KB 1561ms
1558ms Stylesheet
text/css 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://citizens.fatguymedia.com/wp-admin/admin-ajax.php?action=frmpro_css&ver=418659

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

148.13.231.35.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

969c2e3a4e66e082a553a9703454c46da2e5c1465710896e70aae9af12882050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: Wed, 11 Jan 1984 05:00:00 GMT
date: Sat, 13 May 2023 17:32:02 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-cacheable: NO:Passed
server: nginx
x-powered-by: WP Engine
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
x-cache: MISS
cache-control: max-age=0, must-revalidate, private
x-robots-tag: noindex
x-pass-why: wp-admin

GET
H2 200 style.min.css
citizens.fatguymedia.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 145ms
142ms Stylesheet
text/css 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:02 GMT
content-encoding: br
last-modified: Thu, 27 Apr 2023 16:39:41 GMT
server: nginx
etag: W/"644aa54d-17ced"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 classic-themes.min.css
citizens.fatguymedia.com/wp-includes/css/ 291 B
422 B 146ms
144ms Stylesheet
text/css 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:02 GMT
content-encoding: br
last-modified: Thu, 27 Apr 2023 16:39:41 GMT
server: nginx
etag: W/"644aa54d-123"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 foobox.min.css
citizens.fatguymedia.com/wp-content/plugins/fooboxV2/css/ 113 KB
13 KB 147ms
145ms Stylesheet
text/css 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-content/plugins/fooboxV2/css/foobox.min.css?ver=2.4.0.0
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2d9dd3f8394f55332bfe92ba7588c11d11cafc633014f6b5f73b6e53909c1e4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:02 GMT
content-encoding: br
last-modified: Thu, 27 Apr 2023 19:00:03 GMT
server: nginx
etag: W/"644ac633-1c2af"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ytprefs.min.css
citizens.fatguymedia.com/wp-content/plugins/youtube-embed-plus/styles/ 8 KB
2 KB 277ms
275ms Stylesheet
text/css 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=14.1.6.2
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6c9e9bd4e992b05389236894daba31e34cc03e95c1dcb18fdb229087df1606c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:02 GMT
content-encoding: br
last-modified: Tue, 09 May 2023 20:10:09 GMT
server: nginx
etag: W/"645aa8a1-2080"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.2.0/css/ 107 KB
20 KB 739ms
235ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.2.0/css/bootstrap.min.css

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 May 2023 17:32:02 GMT
age: 1593296
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19723
x-served-by: cache-fra-eddf8230090-FRA, cache-gig2250024-GIG
etag: W/"1abce-WKNg1+8k2NBXN9sXEt1cCGWX6GI"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/ 996 B
700 B 277ms
276ms Stylesheet
text/css 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/style.css
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cc98fc35a417265e63d33c86a0afef462dc49c98f97ca56fc73dcb233b9ea979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:02 GMT
content-encoding: br
last-modified: Thu, 27 Apr 2023 19:08:14 GMT
server: nginx
etag: W/"644ac81e-3e4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend-gtag.min.js Show response
citizens.fatguymedia.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 12 KB
3 KB 278ms
276ms Script
application/javascript 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.15.2
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 23eb134e746f1e5c265c5d33d045af48c444617adaa281fb993d6070bdc04c9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:02 GMT
content-encoding: br
last-modified: Wed, 03 May 2023 19:33:19 GMT
server: nginx
etag: W/"6452b6ff-2e3b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 397ms
41ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 14:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 14:40:50 GMT

GET
H2 200 foobox.min.js Show response
citizens.fatguymedia.com/wp-content/plugins/fooboxV2/js/ 92 KB
23 KB 410ms
408ms Script
application/javascript 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-content/plugins/fooboxV2/js/foobox.min.js?ver=2.4.0.0
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 350843ff24cda75d24e00f64ac054a4dbbdf38add6951f06d2b69f3d751a1cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:02 GMT
content-encoding: br
last-modified: Thu, 27 Apr 2023 19:00:06 GMT
server: nginx
etag: W/"644ac636-16fd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ytprefs.min.js Show response
citizens.fatguymedia.com/wp-content/plugins/youtube-embed-plus/scripts/ 14 KB
5 KB 410ms
409ms Script
application/javascript 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.6.2
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d4276a261d6721772d9470ccaef987f04054a0c9330e4a54d747deaf3b7a6d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:02 GMT
content-encoding: br
last-modified: Tue, 09 May 2023 20:10:09 GMT
server: nginx
etag: W/"645aa8a1-3936"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 modernizr.min.js Show response
cdn.jsdelivr.net/modernizr/2.7.1/ 15 KB
7 KB 793ms
290ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/modernizr/2.7.1/modernizr.min.js

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76d71e3d521b290dcb2d335f4fddf74b71cfcaab7770b855f5e381e271819958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 May 2023 17:32:02 GMT
age: 5113933
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6633
x-served-by: cache-fra-eddf8230073-FRA, cache-gig2250024-GIG
etag: W/"3cd2-B+ocnKj/7ca3dvjg9VBP9VvNf2Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 406ms
50ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 4365287
cdn-cachedat: 2021-04-13 02:55:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a4c754a17577d74a872d3c9c794d1a4f
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7c6ca372b9f4918f-FRA
cdn-requestpullsuccess: True

GET
H2 200 logo-.png
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/ 13 KB
14 KB 145ms
141ms Image
image/png 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/logo-.png
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fcf91e02479e4311ff920d2ce83acd948399c1544980a1dca280594332b5d7b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Thu, 27 Apr 2023 19:08:52 GMT
server: nginx
etag: "644ac844-35d9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13785

GET
H2 200 fallback-thumb.png
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/ 29 KB
29 KB 275ms
271ms Image
image/png 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/fallback-thumb.png
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d955ca519d32f7b037f23905ab270a1560af8be3856e6070b86cfa8c4ec6001b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Thu, 27 Apr 2023 19:08:52 GMT
server: nginx
etag: "644ac844-72da"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 29402

GET
H2 200 logo-partners-advantagecaredtc.png
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/ 4 KB
4 KB 144ms
140ms Image
image/png 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/logo-partners-advantagecaredtc.png
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6f2746582450822170abd7a56d3132445f1e68087f64885d6be948e75a6ff99c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Thu, 27 Apr 2023 19:08:52 GMT
server: nginx
etag: "644ac844-f98"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3992

GET
H2 200 logo-partners-ahrc.png
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/ 3 KB
3 KB 278ms
275ms Image
image/png 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/logo-partners-ahrc.png
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 429543fbeb10a0c6e807e0f40fda54a038e9e1c9bffad16e360753f87667d380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Thu, 27 Apr 2023 19:08:52 GMT
server: nginx
etag: "644ac844-a84"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2692

GET
H2 200 logo-partners-ahrcfoundation.png
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/ 4 KB
4 KB 143ms
139ms Image
image/png 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/logo-partners-ahrcfoundation.png
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2a144734d359d5924c7557f6c61c4094a88434d09041ec6426b1d32f9348f3e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Thu, 27 Apr 2023 19:08:52 GMT
server: nginx
etag: "644ac844-eee"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3822

GET
H2 200 logo-partners-brookvillecenter.png
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/ 5 KB
5 KB 276ms
273ms Image
image/png 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/logo-partners-brookvillecenter.png
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 16062c01c882842415052af180877e76054a9baed06841e3e936ea0c7beef07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Thu, 27 Apr 2023 19:08:53 GMT
server: nginx
etag: "644ac845-134a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4938

GET
H2 200 logo-partners-camployaltown.png
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/ 4 KB
4 KB 143ms
140ms Image
image/png 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/logo-partners-camployaltown.png
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b65a699fc7a6acee08176d7b52bb659c0192b0960f4b9d0175a2f2aef7c01c20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Thu, 27 Apr 2023 19:08:53 GMT
server: nginx
etag: "644ac845-f0b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3851

GET
H2 200 logo-partners-citizens-inc.png
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/ 4 KB
4 KB 144ms
141ms Image
image/png 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/logo-partners-citizens-inc.png
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: edc393071c278d3950f6154fb6f022d01a4676d4b5f849ebbf3d88f5d7b6af35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Thu, 27 Apr 2023 19:08:53 GMT
server: nginx
etag: "644ac845-f6c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3948

GET
H2 200 logo-partners-fayjlindnercenter.png
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/ 5 KB
5 KB 278ms
275ms Image
image/png 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/images/logo-partners-fayjlindnercenter.png
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e5bb363b29bd9b52686241ba7157cfb7389dcf2c10a2e8c33eb901240bc43cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Thu, 27 Apr 2023 19:08:53 GMT
server: nginx
etag: "644ac845-129f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4767

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/bootstrap/3.2.0/js/ 31 KB
9 KB 236ms
235ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.2.0/js/bootstrap.min.js

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 May 2023 17:32:03 GMT
age: 1004757
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9170
x-served-by: cache-fra-eddf8230032-FRA, cache-gig2250024-GIG
etag: W/"7c4b-JpCDleeppOq2B9gKpQqB1l8wF8s"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fitvids.min.js Show response
citizens.fatguymedia.com/wp-content/plugins/youtube-embed-plus/scripts/ 3 KB
1 KB 139ms
138ms Script
application/javascript 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.6.2
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d8be3a402a3b2ad808402cea111ba3d286239d88e06c8e2969c84f46050dc88a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
last-modified: Tue, 09 May 2023 20:10:09 GMT
server: nginx
etag: W/"645aa8a1-c1f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 retina.min.js Show response
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/js/ 3 KB
1 KB 143ms
139ms Script
application/javascript 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/js/retina.min.js
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 772aed2cf700b617330eaacbdbd55ae8e1ef89a8747d2880f095c65d843ee02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
last-modified: Thu, 27 Apr 2023 19:08:53 GMT
server: nginx
etag: W/"644ac845-a0f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 106 KB
27 KB 152ms
49ms Script
application/javascript 2600:9000:2440:800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/buttons.js

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2440:800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

b3ad2deeb0ecfc78350839b666a3ab1a00107ba099f0304de0ba395e4250ec96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 18:13:33 GMT
content-encoding: gzip
via: 1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P3
age: 256710
x-cache: Hit from cloudfront
content-length: 27572
server: nginx/1.20.1
etag: W/"64484e01-1a935"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=259200
x-robots-tag: noindex, nofollow
x-amz-cf-id: 8EZjy4uBrd4Hlw88KYR9NA5WJ1AHc2OQ7EQ_1V_g4fpMp8cHvCsdew==
expires: Sat, 13 May 2023 18:13:33 GMT

GET
H2 200 wp-emoji-release.min.js Show response
citizens.fatguymedia.com/wp-includes/js/ 18 KB
5 KB 407ms
404ms Script
application/javascript 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
last-modified: Thu, 27 Apr 2023 16:39:41 GMT
server: nginx
etag: W/"644aa54d-4904"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 143ms
52ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter:400,700|Open+Sans:400italic,700italic,400,700

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28a0006d2838bc86a36588aaa80c162ba5a119a8b96862f8fab569f7c7d0e62a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 17:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 17:32:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 17:32:02 GMT

GET
H2 200 layout.css
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/css/ 299 KB
36 KB 263ms
263ms Stylesheet
text/css 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/css/layout.css
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 07d4e6b5e4d275101e80f49c56004b651bb1eae7c4121d55edaf222562c30c56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:02 GMT
content-encoding: br
last-modified: Thu, 27 Apr 2023 19:08:51 GMT
server: nginx
etag: W/"644ac843-4ad76"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-58303306-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 16:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3384
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 13 May 2023 18:35:39 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 173ms
85ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:400,700|Open+Sans:400italic,700italic,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://citizens.fatguymedia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 42395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 05:45:28 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 16:10:26 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4897
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sat, 13 May 2023 18:10:26 GMT

GET
H2

200

/ Show response
api.blackbaud.com/bbi/
Redirect Chain

https://api.blackbaud.com/bbi
https://api.blackbaud.com/bbi/

29 KB
12 KB

129ms
129ms

Script
text/javascript

104.211.26.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.blackbaud.com/bbi/
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Server: 104.211.26.212 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/5.6.40, ASP.NET
Resource Hash: a7f08de46e313d4536662b5ca9df9fb5b87c7ebf826cea4dab69a402aea4ea35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:04 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: PHP/5.6.40, ASP.NET
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: x-requested-with
content-length: 11908

Redirect headers

location: https://api.blackbaud.com/bbi/
date: Sat, 13 May 2023 17:32:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 153
content-type: text/html; charset=utf-8

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 124ms
41ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f7ec03c2ebef8624cef367f7cef3451b18dd1c4349d0ec37c8239941321daa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 17:32:03 GMT
content-md5: x57jDBXIp5gzPZw1yEs5NQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 0AksWm8DRgEHr96h7GFyPPComjvNfoSTU8F8U9xxzokIhZ7qkbAOV9Zu4sgzBO6quMj/Xf5F6BXiQy7Pu7qBDQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 76d526901ed060801bdeae97b0f7b899
cross-origin-opener-policy: same-origin-allow-popups
etag: "8e65474440dd5bb5c3df1433031d9a87"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 13 May 2023 17:50:40 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 58F6 45 KB
16 KB 213ms
131ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fcitizensoptionsunlimited&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=2425603877698506

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8bebbe9f66d5a2f425a5bdc0be58b700e9046e28425818b4bcf4b3cc0bbbfcb

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://citizens.fatguymedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 17:32:03 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), midi=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 15rnJ2AwudyrBPZhWb5+GVu2Tq4zKFIbvTniKEEkR3tkr6+FlZvgIJwg8A7Me4JZdWtxHl22A4XiZK6vNh9Z4A==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v32/ 30 KB
31 KB 97ms
41ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v32/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:400,700|Open+Sans:400italic,700italic,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee034a6cfa166960dac8b3faed99d2f0393468053f3e32d1c80c677d549f38a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://citizens.fatguymedia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 22:18:32 GMT
x-content-type-options: nosniff
age: 414811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30892
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 17:46:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 May 2024 22:18:32 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 55 KB
56 KB 98ms
49ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin: https://citizens.fatguymedia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 722
cdn-cachedat: 08/18/2022 19:50:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56780
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "97493d3f11c0a3bd5cbd959f5d19b699"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 17d713b0af9c83ae2204d6573faf5403
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7c6ca37ada241e55-FRA
cdn-requestpullsuccess: True

GET
H2 200 bonnie-lerhinan-390x260.jpg
citizens.fatguymedia.com/wp-content/uploads/sites/5/2023/04/ 16 KB
17 KB 369ms
368ms Image
image/jpeg 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizens.fatguymedia.com/wp-content/uploads/sites/5/2023/04/bonnie-lerhinan-390x260.jpg
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8d956e0e956aa5ffc054fe4edd1767a862a1653943f59000539f63b792d65d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Thu, 27 Apr 2023 19:45:16 GMT
server: nginx
etag: "644ad0cc-4138"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16696

GET
H2 200 matt-hofele-336x260.jpg
citizens.fatguymedia.com/wp-content/uploads/sites/5/2023/04/ 22 KB
23 KB 367ms
367ms Image
image/jpeg 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citizens.fatguymedia.com/wp-content/uploads/sites/5/2023/04/matt-hofele-336x260.jpg
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1e8b9fdb265782d5a8a6232890366b91d5348a1cff70a5eb8342fcda95de6397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Thu, 27 Apr 2023 19:45:22 GMT
server: nginx
etag: "644ad0d2-59bc"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 22972

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 306 KB
87 KB 83ms
41ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=98b1030f38f725c1473eceff6e67a1f7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac61074a9466be1c1b7bd895a7cf52a996905d8898ebdb3b63c225b5d5503fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://citizens.fatguymedia.com/
Origin: https://citizens.fatguymedia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 17:32:03 GMT
content-md5: kR9qstUyWfT6G6UHKuV8ow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88631
x-fb-rlafr: 0
x-fb-debug: 6MZlH7IFwN51AHntXW177PbywAUsytVsHln37/4dR2s605zpPiTY2cvXXI/sY3Z8vOFwxDmzkQQe4ipDgDPSbA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: a7999120ed34fb970fef3b85186bec0a
cross-origin-opener-policy: same-origin-allow-popups
etag: "79c45764828f2fb949adab6e2d932357"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), serial=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 12 May 2024 17:20:57 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2021461668&utmhn=citizens.fatguymedia.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58303306-1&cid=1214534747.1683999124&jid=914898368&_v=5.7.2&z=2021461668

35 B
113 B

167ms
63ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58303306-1&cid=1214534747.1683999124&jid=914898368&_v=5.7.2&z=2021461668

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 13 May 2023 17:32:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58303306-1&cid=1214534747.1683999124&jid=914898368&_v=5.7.2&z=2021461668
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 50ms
49ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=474221566&t=pageview&_s=1&dl=https%3A%2F%2Fcitizens.fatguymedia.com%2F&ul=en-us&de=UTF-8&dt=A%20life%20without%20limits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=176321079.1214534747.1683999124.1683999124.1683999124.1&_utmz=176321079.1683999124.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1683999123753&_u=YQBCAUABAAAAACAAI~&jid=1815177811&gjid=747003130&cid=1214534747.1683999124&tid=UA-58303306-1&_gid=838820297.1683999124&_r=1&gtm=457e35a0&did=dNDMyYj&gdid=dNDMyYj&jsscut=1&z=1277684110

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://citizens.fatguymedia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 17:32:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citizens.fatguymedia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 55ms
54ms Script
application/javascript 2600:9000:2440:800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/async-buttons.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2440:800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:13:23 GMT
content-encoding: gzip
via: 1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P3
age: 76720
x-cache: Hit from cloudfront
content-length: 18813
server: nginx/1.20.1
etag: W/"64484eb7-16245"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=259200
x-robots-tag: noindex, nofollow
x-amz-cf-id: voTToscsOoD6rbWg4TG1Bm4secIbTXud9GpVFz2cZhAmLBKKeoz8DQ==
expires: Mon, 15 May 2023 20:13:23 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
411 B 197ms
43ms XHR
text/plain 52.28.99.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1683999123762.30385&hostname=citizens.fatguymedia.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fcitizens.fatguymedia.com%2F&title=A%20life%20without%20limits&sop=false&description=Citizens%20Options%20Unlimited%20(Citizens)%20empowers%20people%20with%20I%2FDD%20to%20achieve%20their%20goals%20through%20self-directed%20services.&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.99.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-99-188.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 17:32:03 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://citizens.fatguymedia.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 foobox.woff
citizens.fatguymedia.com/wp-content/plugins/fooboxV2/css/font/ 16 KB
16 KB 207ms
207ms Font
font/woff 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-content/plugins/fooboxV2/css/font/foobox.woff
Requested by: Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/wp-content/plugins/fooboxV2/css/foobox.min.css?ver=2.4.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4cebc1c21b653a97591bbd5e9ac931c7e09b532e6482ae9f7460b92e76fc60ae

Request headers

Referer: https://citizens.fatguymedia.com/wp-content/plugins/fooboxV2/css/foobox.min.css?ver=2.4.0.0
Origin: https://citizens.fatguymedia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
last-modified: Thu, 27 Apr 2023 19:01:35 GMT
server: nginx
etag: "644ac68f-40fc"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16636

GET
H2 200 4TPqOkyrvtD.css
static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/ Frame 58F6 20 KB
6 KB 129ms
43ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/4TPqOkyrvtD.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fcitizensoptionsunlimited&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=2425603877698506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ed284b48a93f07dd4867b1cd655ea3ef206702a9b61a73e4752b695e7634f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0gbVMWSAYEWTnl95CgpB5A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5190
x-fb-rlafr: 0
x-fb-debug: cLWUBzffI5tZYfQqESv+n/W28za+ZSgd2Px4j84FebE5YAUknPwIHh07Gkar/4Yk0BdHCqaqXQtHf21vknX6gg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), hid=()
timing-allow-origin: *
expires: Sat, 11 May 2024 15:14:53 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 58F6 2 KB
1 KB 134ms
48ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: XB37KsUKBjap11Cl2+xcGF+rg7xT7lKZlHBgbMK6OS0lx9WinhQfTv6ExH43wc3OBXWHGWvYZCHvzAZckD7qyQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 23:08:04 GMT

GET
H2 200 sL2I6O8prnM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame 58F6 304 KB
80 KB 133ms
48ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/sL2I6O8prnM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4793a27348526aa6ae635c6eaac52c87c51275e4687f45e394ce9266a2bd85d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PLFxzKNw+vKEoW17VICsjw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81541
x-fb-rlafr: 0
x-fb-debug: dqpHfPoZNsZA4cB+i6plZeg8mwuiKjuH96VQHXkwq5xgXH+Yaazz6nZsewZ5+xy/Y4/cWp5NAV156obCT1nBTQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), gyroscope=()
timing-allow-origin: *
expires: Fri, 10 May 2024 19:07:20 GMT

GET
H2 200 CaW_8yVdYjn.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 58F6 6 KB
2 KB 134ms
48ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/CaW_8yVdYjn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59d9969357bde7b6296b4b8fee526848c347ad8e0fc5e650046d282d5ef26e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ur194eZ137hJ6THAU795hw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1986
x-fb-rlafr: 0
x-fb-debug: PEqY8aoKPaamgkwd/xWiyCVbEMbMklR4MJgVrUWLyn0+ObAuVIQLPyzGE2hPSTWCl9lr+OJwEs54jjDevzg1mw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Sat, 11 May 2024 15:14:53 GMT

GET
H2 200 95DyhaE30GQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame 58F6 45 KB
14 KB 135ms
49ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/95DyhaE30GQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d0ad39da4b97698ffebd5d583a5f8af1198104fc4570fc254d3f5f1c1355376

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qf1+6j4NqW73bo5gCEb3jg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14592
x-fb-rlafr: 0
x-fb-debug: fPiHMyZcSTPcJWs6ZS5Y2ZvquyCPRafB2c9A58RKbKQZRUc+j9ow26FLLBaKiIicwhNqWB9Lt1g5eQVYITteuw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 16:11:27 GMT

GET
H2 200 V6tXz1psgtp.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame 58F6 52 KB
16 KB 134ms
49ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/V6tXz1psgtp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5dd117eeb441594968e0e44a98ea21e03e9c5778233b43df994909442d18833

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LgItkwi+WKSrIFIqJkEkmw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16478
x-fb-rlafr: 0
x-fb-debug: PU3XdTAQ/xS0xW6h5PorOpCmlUDW+JI7Gf8/x4dCzoZnQVY8HssQ3GdU8qNNVXR78ibjUf9nGRAMhsBztXI1Ag==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 16:11:27 GMT

GET
H2 200 BIyo8a40O9A.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 58F6 20 KB
6 KB 134ms
49ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/BIyo8a40O9A.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c776eeb886a53d0037dc5e54f5c25c0a467b8b4a5bfaa8d3493280de33f2494a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WZAYiPX0JJ5bmclIYaEF+Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6199
x-fb-rlafr: 0
x-fb-debug: TaoxXon4QL1zy0QYVlF7x/bFpuAn/uUOFqMTH+SAN0KRikbCRuTSFpyilRJWw1AQz/PHgQAiYL92xaJ1v6iM5Q==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 16:11:29 GMT

GET
H2 200 h5ltHUltdQA.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame 58F6 63 KB
17 KB 134ms
49ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/h5ltHUltdQA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3564808aa607797c605a90d541828984eb027b3036956492d96f3c7482e1b413

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uygwKNWTc6znC1BIV0ajiQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17387
x-fb-rlafr: 0
x-fb-debug: 6gTwC0F6/0Av6IIhJPZRcHIdb3k2bfg5767v0WqKCdteRE+OxT3ETIpeY3sfkSWvtyXLkPG6mU/6FXbr8t4q0w==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Sat, 11 May 2024 15:14:53 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 58F6 507 B
488 B 239ms
154ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: lgXvam8xCccpksCGlBe0rCEcH1lE82Gp+0BBEbq5BYUEylQ4vA6bQO5hf5oYXOfWNA27qn+84x1i4sCr+RRkUw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 23:10:34 GMT

GET
H2 200 Xbuf9IKbHDA.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLNf4/yG/l/de_DE/ Frame 58F6 212 KB
60 KB 239ms
154ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLNf4/yG/l/de_DE/Xbuf9IKbHDA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2fdacf5eada98e8906b52480ec3cc69bf540421217e455eaea98c72eeaafd00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: flG78h97uajrn0u0tPoveg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 61597
x-fb-rlafr: 0
x-fb-debug: uqyNINT9GWGZ2hVdzP83RUsdpakqWX6rICVU94vOGj0L1xUXmXKF0sbcy9hr5luHBpdngkWlCSyE64fpQII81g==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), magnetometer=()
timing-allow-origin: *
expires: Sat, 11 May 2024 19:53:25 GMT

GET
H2 200 pwiQD2NVju_.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/ Frame 58F6 71 KB
21 KB 238ms
153ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/pwiQD2NVju_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43b4ccfacc395dfee2a59b34bb8ed27510994c4702378ca69366be3c74212580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Kv30Rv81l18caYNmuWtkHA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21306
x-fb-rlafr: 0
x-fb-debug: coOKLJeQBuhQtpFx69F0bhXhHPQPc/uavVDD4D0qjt9DcJU3Bh+nTSvl0J+IpUWghbU9exzNGzJCck1j6wtxmQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 17:05:55 GMT

GET
H2 200 ZJ4f0NI4dCd.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 58F6 22 KB
7 KB 239ms
154ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/ZJ4f0NI4dCd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00cf90a75740d2abf95909398ddcae9e15b37f34ab5d3557164bcfc2be9ee600

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sZr/U2NfvWiariY1YbDY5g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7320
x-fb-rlafr: 0
x-fb-debug: 6S9SjO70y2k4LNx0PdCOm+IwQROPK2dBVrRStl6okgLw2kFg3WmP4wpy3tepavX+O+PRAHOQ8AgIvrSNKCUs8Q==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 16:11:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
352 B 128ms
59ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-58303306-1&cid=1214534747.1683999124&jid=1815177811&gjid=747003130&_gid=838820297.1683999124&_u=YQBCAUAAAAAAACAAI~&z=1857862491

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://citizens.fatguymedia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 13 May 2023 17:32:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://citizens.fatguymedia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 279744364_306660998317392_7155905702980127056_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 58F6 21 KB
21 KB 93ms
91ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/279744364_306660998317392_7155905702980127056_n.jpg?stp=dst-jpg_p130x130&_nc_cat=106&ccb=1-7&_nc_sid=dd9801&_nc_ohc=YC9fvIFJVSUAX80EMW0&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfDbszarL9z-4HLV4gTlOy_qrVz0Vyq7W52tnvCftHVD3g&oe=6464AD48
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fcitizensoptionsunlimited&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=2425603877698506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f22ec4bdaf27f97dd613773a29d4c180c9f5f57c2ecbc9ceae1fcfd14864bd80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-haystack-needlechecksum: 1264973163
date: Sat, 13 May 2023 17:32:04 GMT
x-fbtype: 30808
content-digest: adler32=1058926430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21392
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 03 May 2022 18:33:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: mBhoObjtsIwsusNKVD2zI779HOyEnrKtV_dTPSukm6P07ayPJzd-fAiGpuyzp1oqVsmfqZCFqhTrjkJ2-KNQrV5z1HGyFo22SmdpqlB6HUU
x-needle-checksum: 2298031158
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 279891236_306661001650725_3882851931544275640_n.png
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 58F6 4 KB
5 KB 56ms
55ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/279891236_306661001650725_3882851931544275640_n.png?stp=cp0_dst-png_p50x50&_nc_cat=101&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=BF0rSwydb_wAX_H01fl&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfDvvaCgn3Y0cyKvVV7OPJOO4eYEZeOK8TEJ8-cirlSnkg&oe=6464C5EA
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fcitizensoptionsunlimited&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=2425603877698506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 86c23ba8fbbbaa3f36f2768dcf7c381f91aa9b11903c147befa0e582c1e15b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-haystack-needlechecksum: 4269107137
date: Sat, 13 May 2023 17:32:04 GMT
content-digest: adler32=3476522091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4401
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 03 May 2022 18:33:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: MLjOAwen3jjllCen-oxEsq2kiR593UlRTtPFKZ8cm5tbTqB7hoZiXhMAp45AFQd-_UXb54-ACDlxt6_wSwo40qko8Uw1m2Zz9OdPJS_2Yls
x-needle-checksum: 2812754526
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 43ms
42ms Stylesheet
text/css 2600:9000:2440:800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/css/buttons-secure.css

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2440:800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 01:57:08 GMT
content-encoding: gzip
via: 1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 25 Apr 2023 22:05:43 GMT
server: nginx/1.20.1
x-amz-cf-pop: DUS51-P3
age: 56113
etag: W/"64484eb7-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: kK8PXVVEl5woFx0RhKU-fRkSyR4sIuUb6l7VHO0yyVgxOVLXTn5xnQ==

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
380 B 48ms
47ms Image
text/plain 52.28.99.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: citizens.fatguymedia.com
URL: https://citizens.fatguymedia.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.99.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-99-188.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 17:32:03 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3 200 hLvypmn2APN.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 58F6 852 B
909 B 166ms
123ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/hLvypmn2APN.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/4TPqOkyrvtD.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0caf169e93e0e6987ad792cc2a026fa069b3fa6c9d1e1c1e333432141fa3f2a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/4TPqOkyrvtD.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:04 GMT
x-content-type-options: nosniff
content-md5: 1KxKoxm3n4ThY8RGVSrDGw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 852
x-fb-rlafr: 0
x-fb-debug: Zjrq+/2uNAUSgQVtmn+a3gESpbt0wRtIDIDR3wvPw4w6dXSPZGAJwnRUhsn0GgI403R2V09L9p8HbpS7vcrEuw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
priority: u=1,i
expires: Sat, 11 May 2024 15:14:55 GMT

GET
H3 200 zEkQ-Lr4eYp.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 58F6 10 KB
3 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/zEkQ-Lr4eYp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/sL2I6O8prnM.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e1badd34aa9dc95375d7b705fdb0549bf91bcaf5c788acc6f75d4e56e3b392ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bRN/8K98407hrt/Vn86PAA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3516
x-fb-rlafr: 0
x-fb-debug: hQ4WFY3kqtanRs2sPSLxOUgqUcZcOw1orawtVyxBelQwku5pugXk3bQXtmrobjw11D4GxxJNEagHd+/zYK4O/g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
priority: u=1
expires: Thu, 09 May 2024 22:13:35 GMT

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame 58F6 0
0

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 58F6 927 B
1 KB 66ms
66ms XHR
application/x-javascript 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/pwiQD2NVju_.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f2c0ff8a063837484eceb810c1d0a3924e799aa29a3e6835585f5d54a46f305

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: feRRwUPU7W1nIEJdUxqVzf
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fcitizensoptionsunlimited&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=2425603877698506
X-ASBD-ID: 198387
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 13 May 2023 17:32:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: zuolmBQPu1P18t7UANZlqVorY5oRxc496u2neaK4xhzZRCgE9VenqDqbnkobQN3kReTb8po1l9ZqqBjuxH2bkg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), serial=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 58F6 1 KB
1 KB 88ms
87ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/4TPqOkyrvtD.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/4TPqOkyrvtD.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:04 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: u9UUTFY1PzwF3SV1pgfWzDleAotCZH3dc1KboDDVIggFn6Ltkf53yaW12zPnbAvmw79SQBT9p+d0TU4a9XHV/A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 May 2024 23:10:35 GMT

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 58F6 198 B
253 B 41ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/sL2I6O8prnM.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:04 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: WpTFNGAqaUjYVuhiadWBxucLOggtip/scALuW6Wd0fez+nLUdvdJM6PZERMXMtgg5NR9UnEsxyHvrnf/E1fNWQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
priority: u=1
expires: Thu, 09 May 2024 19:23:07 GMT

GET
H3 200 /
www.facebook.com/login/ Frame 58F6 0
0 191ms
190ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcitizensoptionsunlimited%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId%3D2425603877698506

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/sL2I6O8prnM.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fcitizensoptionsunlimited&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=2425603877698506
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 13 May 2023 17:32:04 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 7KYcBEId0uwFYPkWiff0wkVBpFTL4+12MeDTimj3axXVhVzDlq3J6RZfrHTLuLjQ23EKGdM8rsZ7o2nkJxpZYA==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 bbi.min.css
api.blackbaud.com/bbi/v/1.1.0/css/ 783 B
625 B 138ms
137ms Stylesheet
text/css 104.211.26.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.blackbaud.com/bbi/v/1.1.0/css/bbi.min.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.26.212 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d95daa1b799296399bd6a28888a80925b06aae5e4b831c36ca8e744884b3c11f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:04 GMT
content-encoding: gzip
last-modified: Wed, 05 Sep 2018 12:29:07 GMT
server: Microsoft-IIS/10.0
etag: "d11b13a1445d41:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 518

GET
H2 200 bbi-custom.js Show response
citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/js/ 8 KB
3 KB 140ms
140ms Script
application/javascript 35.231.13.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizens.fatguymedia.com/wp-content/themes/citizens-inc-4/assets/js/bbi-custom.js
Requested by: Host: api.blackbaud.com
URL: https://api.blackbaud.com/bbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.231.13.148 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.13.231.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5d77af73583af827ab04773c5e2bf2c910d43dc5edadd1bddc3bb3db8d08af8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizens.fatguymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:32:04 GMT
content-encoding: br
last-modified: Thu, 27 Apr 2023 19:08:53 GMT
server: nginx
etag: W/"644ac845-2098"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 index.html Show response
ws.sharethis.com/secure5x/ Frame 7AF6 14 KB
4 KB 43ms
42ms Document
text/html 2600:9000:2440:800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/index.html

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2440:800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

b2279061ebac73cdeaecaaefee66af641e86f471caf931f8735d516e2fe99d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://citizens.fatguymedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42150
content-encoding: gzip
content-length: 4082
content-type: text/html
date: Sat, 13 May 2023 05:49:35 GMT
etag: W/"64484eb7-390f"
last-modified: Tue, 25 Apr 2023 22:05:43 GMT
server: nginx/1.20.1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-amz-cf-id: peqOWVx8N0uQUYZRFFC9EJ6Yf4jYgdhmDyRI-9jz9r-UJmfxnMIRgw==
x-amz-cf-pop: DUS51-P3
x-cache: Hit from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js Show response
ws.sharethis.com/secure5x/js/ Frame 7AF6 16 KB
6 KB 45ms
44ms Script
application/javascript 2600:9000:2440:800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2440:800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 23:37:49 GMT
content-encoding: gzip
via: 1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P3
age: 6198856
x-cache: Hit from cloudfront
content-length: 5630
server: nginx/1.20.1
etag: W/"64012824-40f6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: oTeRnEnz3xmmLSCBPMPb88imBoqCFa8vhwTqCOXpqULKIM7YPJQJzQ==
expires: Fri, 01 Mar 2024 23:37:49 GMT

GET
H2 200 st.0d03e446fc518dd64d81c8de5fc4e527.js Show response
ws.sharethis.com/secure5x/js/ Frame 7AF6 223 KB
52 KB 52ms
52ms Script
application/javascript 2600:9000:2440:800:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/st.0d03e446fc518dd64d81c8de5fc4e527.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2440:800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

d9194d1286b943ebc63fe525be0bda886429c2344d4b69316d060e2cad5cee53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 05:15:16 GMT
content-encoding: gzip
via: 1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.20.1
x-amz-cf-pop: DUS51-P3
age: 1513009
etag: W/"64484eb7-37cde"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: _l6lVx1MOXWtL0x3uZSpalId-3nvisVB8iCnDO6UslqpVE498X48ig==
expires: Thu, 25 Apr 2024 05:15:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%222425603877698506%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fcitizensoptionsunlimited%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Fcitizens.fatguymedia.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19490.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007492079&__s=%3A%3A1v28t1&__hsi=7232721160822041779&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w&__csr=&__sp=1

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.citizens.fatguymedia.com/	1970-01-20 21:22:39	Name: __utma Value: 176321079.1214534747.1683999124.1683999124.1683999124.1
.citizens.fatguymedia.com/	1969-12-31 23:59:59	Name: __utmc Value: 176321079
.citizens.fatguymedia.com/	1970-01-20 16:09:27	Name: __utmz Value: 176321079.1683999124.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.citizens.fatguymedia.com/	1970-01-20 11:46:39	Name: __utmt Value: 1
.citizens.fatguymedia.com/	1970-01-20 11:46:40	Name: __utmb Value: 176321079.1.10.1683999124
.fatguymedia.com/	1970-01-20 21:22:39	Name: _ga Value: GA1.2.1214534747.1683999124
.fatguymedia.com/	1970-01-20 11:48:05	Name: _gid Value: GA1.2.838820297.1683999124
.fatguymedia.com/	1970-01-20 11:46:39	Name: _gat_gtag_UA_58303306_1 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://citizens.fatguymedia.com/(Line 631) Message: Unrecognized feature: 'web-share'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.blackbaud.com
cdn.jsdelivr.net
citizens.fatguymedia.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
maxcdn.bootstrapcdn.com
scontent.xx.fbcdn.net
ssl.google-analytics.com
static.xx.fbcdn.net
stats.g.doubleclick.net
ws.sharethis.com
www.citizens-inc.org
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.facebook.com
104.211.26.212
2600:9000:2440:800:3:c04e:c780:93a1
2606:4700::6812:acf
2a00:1450:4001:801::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::485
35.231.13.148
40.79.69.53
52.28.99.188
00cf90a75740d2abf95909398ddcae9e15b37f34ab5d3557164bcfc2be9ee600
07d4e6b5e4d275101e80f49c56004b651bb1eae7c4121d55edaf222562c30c56
0caf169e93e0e6987ad792cc2a026fa069b3fa6c9d1e1c1e333432141fa3f2a9
0f7ec03c2ebef8624cef367f7cef3451b18dd1c4349d0ec37c8239941321daa1
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16062c01c882842415052af180877e76054a9baed06841e3e936ea0c7beef07b
1d4276a261d6721772d9470ccaef987f04054a0c9330e4a54d747deaf3b7a6d5
1e8b9fdb265782d5a8a6232890366b91d5348a1cff70a5eb8342fcda95de6397
1f8e22239135a453a36a74b154a42d357ba2bca8f77c0ae80f94998e6fca800d
23eb134e746f1e5c265c5d33d045af48c444617adaa281fb993d6070bdc04c9f
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
26712da1f56b8cdd32a5d0c2bd8fd35a71451d41ec3c4984ff157b8f669c8f8e
28a0006d2838bc86a36588aaa80c162ba5a119a8b96862f8fab569f7c7d0e62a
2a144734d359d5924c7557f6c61c4094a88434d09041ec6426b1d32f9348f3e4
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
2d9dd3f8394f55332bfe92ba7588c11d11cafc633014f6b5f73b6e53909c1e4d
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
350843ff24cda75d24e00f64ac054a4dbbdf38add6951f06d2b69f3d751a1cbf
3564808aa607797c605a90d541828984eb027b3036956492d96f3c7482e1b413
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
3d0ad39da4b97698ffebd5d583a5f8af1198104fc4570fc254d3f5f1c1355376
3f2c0ff8a063837484eceb810c1d0a3924e799aa29a3e6835585f5d54a46f305
429543fbeb10a0c6e807e0f40fda54a038e9e1c9bffad16e360753f87667d380
43b4ccfacc395dfee2a59b34bb8ed27510994c4702378ca69366be3c74212580
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4793a27348526aa6ae635c6eaac52c87c51275e4687f45e394ce9266a2bd85d7
4cebc1c21b653a97591bbd5e9ac931c7e09b532e6482ae9f7460b92e76fc60ae
4ed284b48a93f07dd4867b1cd655ea3ef206702a9b61a73e4752b695e7634f34
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
55e4415c728f0d397ff3e35e6e7b7b0521a12efec1c12930d7f74f98f3b143e3
59d9969357bde7b6296b4b8fee526848c347ad8e0fc5e650046d282d5ef26e70
5d77af73583af827ab04773c5e2bf2c910d43dc5edadd1bddc3bb3db8d08af8c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9e9bd4e992b05389236894daba31e34cc03e95c1dcb18fdb229087df1606c6
6f2746582450822170abd7a56d3132445f1e68087f64885d6be948e75a6ff99c
76d71e3d521b290dcb2d335f4fddf74b71cfcaab7770b855f5e381e271819958
772aed2cf700b617330eaacbdbd55ae8e1ef89a8747d2880f095c65d843ee02e
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86c23ba8fbbbaa3f36f2768dcf7c381f91aa9b11903c147befa0e582c1e15b24
8d956e0e956aa5ffc054fe4edd1767a862a1653943f59000539f63b792d65d15
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
969c2e3a4e66e082a553a9703454c46da2e5c1465710896e70aae9af12882050
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a5dd117eeb441594968e0e44a98ea21e03e9c5778233b43df994909442d18833
a7f08de46e313d4536662b5ca9df9fb5b87c7ebf826cea4dab69a402aea4ea35
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac61074a9466be1c1b7bd895a7cf52a996905d8898ebdb3b63c225b5d5503fa1
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
b2279061ebac73cdeaecaaefee66af641e86f471caf931f8735d516e2fe99d2e
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b3ad2deeb0ecfc78350839b666a3ab1a00107ba099f0304de0ba395e4250ec96
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
b65a699fc7a6acee08176d7b52bb659c0192b0960f4b9d0175a2f2aef7c01c20
c776eeb886a53d0037dc5e54f5c25c0a467b8b4a5bfaa8d3493280de33f2494a
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cc98fc35a417265e63d33c86a0afef462dc49c98f97ca56fc73dcb233b9ea979
d8be3a402a3b2ad808402cea111ba3d286239d88e06c8e2969c84f46050dc88a
d8bebbe9f66d5a2f425a5bdc0be58b700e9046e28425818b4bcf4b3cc0bbbfcb
d9194d1286b943ebc63fe525be0bda886429c2344d4b69316d060e2cad5cee53
d955ca519d32f7b037f23905ab270a1560af8be3856e6070b86cfa8c4ec6001b
d95daa1b799296399bd6a28888a80925b06aae5e4b831c36ca8e744884b3c11f
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1badd34aa9dc95375d7b705fdb0549bf91bcaf5c788acc6f75d4e56e3b392ed
e2fdacf5eada98e8906b52480ec3cc69bf540421217e455eaea98c72eeaafd00
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bb363b29bd9b52686241ba7157cfb7389dcf2c10a2e8c33eb901240bc43cdc
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
edc393071c278d3950f6154fb6f022d01a4676d4b5f849ebbf3d88f5d7b6af35
ee034a6cfa166960dac8b3faed99d2f0393468053f3e32d1c80c677d549f38a5
f22ec4bdaf27f97dd613773a29d4c180c9f5f57c2ecbc9ceae1fcfd14864bd80
fcf91e02479e4311ff920d2ce83acd948399c1544980a1dca280594332b5d7b0

citizens.fatguymedia.com Open in urlscan Pro 35.231.13.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

96 %HTTPS

75 %IPv6

14 Domains

18 Subdomains

17 IPs

3 Countries

1130 kBTransfer

3569 kBSize

8 Cookies

14 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

citizens.fatguymedia.com Open in urlscan Pro
35.231.13.148 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

96 %
HTTPS

75 %
IPv6

14
Domains

18
Subdomains

17
IPs

3
Countries

1130 kB
Transfer

3569 kB
Size

8
Cookies

77 HTTP transactions
0 data transactions